Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
426
Views
5
Helpful
4
Replies

More CSS11506 Help SSL certs ?

Go to solution
dclee
Level 1
Level 1

‎05-10-2007 10:33 AM

The next CSS questions I have is this.

I have a need to have multiple web servers (port 80)on the backend behind the CSS. Each have a unique web service and URL.

I need to be able to terminate all of the front end web connections via HTTPS. Now obviously each web instance will have its own signed cert.

Is there a way to use just one public VIP on the CSS that each web url resolves to, but configure the CSS based on the url to use the appropriate cert for each site and then proceed with the backend port 8o connection ? Or am I stuck having to use one public IP per https connection ?

Thanks for all the help so far. I have learned a ton on the CSS since yesterday. Definitely a sophisicated piece of hardware.

Cheers

Dave

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Syed Iftekhar Ahmed
Level 8
Level 8
In response to dclee

‎05-10-2007 11:54 AM

you can support multiple Domains on a single VIP but you need to use a different port number per domain (eg 443 for one appl , 886 for another) so you can differentiate and map them to the right cert.

Other wise you will need to associate unique vip to each application using same 443 port.

Syed

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Syed Iftekhar Ahmed
Level 8
Level 8

‎05-10-2007 11:17 AM

You cannot use " url" command under SSL content rule as the CSS cannot read the header since it is encrypted. Css can only read the header once it is decrypted.

Syed

Go to solution
dclee
Level 1
Level 1
In response to Syed Iftekhar Ahmed

‎05-10-2007 11:21 AM

Okay fair enough, so what are my options if I need to terminate more than 1 https connection

per CSS.

Cheers

Dave

0 Helpful

Go to solution
Syed Iftekhar Ahmed
Level 8
Level 8
In response to dclee

‎05-10-2007 11:54 AM

you can support multiple Domains on a single VIP but you need to use a different port number per domain (eg 443 for one appl , 886 for another) so you can differentiate and map them to the right cert.

Other wise you will need to associate unique vip to each application using same 443 port.

Syed

0 Helpful

Go to solution
dclee
Level 1
Level 1
In response to Syed Iftekhar Ahmed

‎05-10-2007 11:56 AM

Well, the one main requirement is standard ports meaning 443 for everything. So my only option is unique VIPS. Now that is clear I can move on.

Thanks alot for the help.

Cheers

Dave

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents