Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ACE SSL Offload Advantage on End to End SSL

Is there any advantages to doing SSL termination on ACE if you are doing End to End SSL?  It seems as thought it's just another place to manage certs, when you could just pass the port 443 traffic to the server and let it do the SSL decription/encryption. 

3 REPLIES
Silver

ACE SSL Offload Advantage on End to End SSL

Hi,

If you terminate on the ACE before re-encrypting you have an opportunity to look at the underlying plaintext and make decisions (e.g. cookie values).

HTH

Cathy

Bronze

Re: ACE SSL Offload Advantage on End to End SSL

If you have multiple servers behind ace, you do not need to install multiple carts on each server.

Sent from Cisco Technical Support iPad App

Silver

Re: ACE SSL Offload Advantage on End to End SSL

  • centralized point of management of your certs
  • performances (hardware-based)
  • you can use strong ciphers on the client side and weaker ciphers on the server sides, reducing the load on the servers
  • use of SSL Reuse combined to TCP offload

There are some whitepapers available on cisco.com on this topic.

734
Views
0
Helpful
3
Replies
CreatePlease to create content