The web-servers use the redundant-interface of the CSS as their default gateway.
I have installed a test cert from a trusted CA to test SSL termination. When I enter the URL with an https://<etc> I get to it, the web-page pops up and since it's a logon page, I enter my credentials. After it's authenticated, I get logged into my account but I'm reverted back to "http". I mean other than the obvious, for me to go and check the references in the pages that follow, would there by any chance be some config that I need in the CSS that needs to be done to keep me using https after logon or is it all to do with the page references (absolute/relative) in our web-pages?
Hello, thanks for the responses. I have tested the scenario on a demo system with NO CSS in the picture and needed to make changes in the database and code to allow for it to handle "https" but now it works in demo. So once we make those changes to production, It should work as well I'm assuming. Will get back to this if it doesn't.
thanks for the response. Sorry had gotten distracted with a bunch of other things, didn't get a chance to get back to this. Anyway, so, I can generate the 302 response in my web-servers except I need to turn it around to a different domain name. Now assuming I use URL re-write when I see this coming back from the web-server, I can rewrite this to https and send to the client? A few questions about this and the links you sent above with using redirect service.
a) can I do a a redirect to an https address or does it only do http (considering I only saw examples configs only using www.domain.com/index.html type redirects without specifying the protocol to use)?
b) If not, then I use URL rewrite in conjunction with the 302 from the web-servers. But for my SSL off-load in a pair of CSS using VIP and Virtul Interface redundancy, do I buy 2xSSL Certs for the same domain-name or do I buy ONE (i.e. generate the key-pair/CSR in Master CSS) and import the same rsakey and SSL Cert recd. from CA into both CSSs?
c) Does the CSS handle a wildcard SSL Cert without problems?
Moquery is the command line cousin of Vizore, it's very helpful and efficient sometimes during the troubleshooting. This article aims to provide moquery cheat sheet to the users for some most common seen scenarios.
Here is the checklist before customers/partners contact Cisco TAC:
Firmware Version of APIC and Switch
Download Switch and APIC techsupport logs
Problem description (Symptoms with details)
Business impact (eg, what kind of services...
moquery usageAPIC moquerySwitchmoquery
This document discuss a common issue observed during the VMM integration & VM workload migration to ACI fabric.
VMware Virtual machines are hosted in Cisco UCS-B seri...