Cisco ACE End-to-End SSL Configuration !!!

Unanswered Question
May 13th, 2010
User Badges:


I want to know that what do we need at SSL based Servers to be ready for such type of configuration....

In this configuration, ACE behaves as SSL Client while Load Balalnced Servers are serving as SSL Server. Do they need Certificate or Key to be installed?

I need to advice the customer that what would be required to be configured for Load Balalnced Servers.

Appreciate for the help...



Mubasher Sultan

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
dario.didio Fri, 05/14/2010 - 00:54
User Badges:
  • Silver, 250 points or more


if you speak about end-to-end SSL, you do mean that a client connects to the VIP in SSL, the ACE terminates the SSL connection, performs some load-balancing decisions, reencrypts the traffic and sends it, again encrypted, to the server.

For that to work, you need a key-cert pair to do the SSL termination ==> SSL -proxy server

For the SSL initiation (ACE to server traffic) you do not need a key-cert pair  ==> SSL -proxy client

Take a look at following example on how this is configured:




This Discussion