Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Cisco Employee

CSM HTTPS or SSL Health Probe

We are currently using TCP probe for HTTPS webServer health checking. Is there a HTTPS or SSL probe available on CSM to send a url to detect if the HTTPS Apache WebServer is up or not?

Many Thx, Q.Xie

4 REPLIES
Cisco Employee

Re: CSM HTTPS or SSL Health Probe

no, there is not such option because the CSM does not have the capability to do encryption/decryption.

The CSS does have this option if you have the SSL module.

Gilles.

Cisco Employee

Re: CSM HTTPS or SSL Health Probe

Gilles, Thx for quick reply.

We do have SSL Module combined with CSM. Can we do something in this case? I heard that, there is a SSL probe script(TCL) available which can be used for SSL probe. Are you aware of it?

Q.Xie

Cisco Employee

Re: CSM HTTPS or SSL Health Probe

You can download the TCL script file from the same locstion as the CSM software.

In this TCL file you should find the following scripts

[root@linux-1 cisco]# cat /tftpboot/c6slb-apc.4-2-1.tcl | grep -i "name ="

#!name = CHECKPORT_STD_SCRIPT

#!name = ECHO_PROBE_SCRIPT

#!name = FINGER_PROBE_SCRIPT

#!name = FTP_PROBE_SCRIPT

#!name = HTTPCONTENT_PROBE

#!name = HTTPHEADER_PROBE

#!name = HTTPPROXY_PROBE

#!name = HTTP_PROBE_SCRIPT

#!name = IMAP_PROBE

#!name = LDAP_PROBE

#!name = MAIL_PROBE

#!name = POP3_PROBE

#!name = PROBENOTICE_PROBE

#!name = RTSP_PROBE

#!name = SSL_PROBE_SCRIPT

#!name = TFTP_PROBE

There is a SSL_PROBE_SCRIPT that will verify that the SSL server respond to a client SSL HELLO message.

It does not verify if you can send an HTTP request.

It only sends a HELLO as a client and wait for the server HELLO.

With the SSLM for the CSM, there might be a way to achieve HTTPS probe.

I never tried it, but the solution I see would be to create an HTTP probe on the CSM and direct to the SSLM which will do the encryption and forward it to the server.

Regards,

Gilles

Cisco Employee

Re: CSM HTTPS or SSL Health Probe

Thanks Gilles. I like the idea to send a HTTP probe to HTTPS via SSLM. Will try that. Q.Xie

596
Views
0
Helpful
4
Replies
CreatePlease login to create content