Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

CSS SSL blade

Hi Gilles

With respect to the SSL blade on the CSS how can I have it configured for the following.

I have one web instance 10.1.1.1:2011. It has a certificate on it "cert" and one domain. Now I want it to service 2 more domains using the certificate cert_a and cert_b. Can I do this? How do I go about this?

Thank you

Regards

Soni

1 REPLY
Cisco Employee

Re: CSS SSL blade

you simply create new ssl_server in your proxylist.

Something like this :

ssl-proxy-list MyList

ssl-server 10 rsakey KEY-A

ssl-server 10 rsacert CERT-A

ssl-server 10 vip address x.x.x.xA

....

ssl-server 20 rsakey KEY-B

ssl-server 20 rsacert CERT-B

ssl-server 20 vip address x.x.x.xB

....

You need a new vip address or a new port for each domain. You can't use the same ip:port for different domain because the decryption process starts before we can determine which domain is contained in the HTTP header.

Gilles.

106
Views
0
Helpful
1
Replies