Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

multiple SSL certificates on ACE

Hello

 

I currently have ACE configured with a wildcard SSL certificate, matches *.mydomain.com

Now, because my wildcard doesn't include sub-subdomains, I would like to add a new SSL certificate matching *.subdomain.mydomain.com.

 

My first wish was to add it directly in my actual ssl-proxy service :

ssl-proxy service SSL_PSERVICE_SERVER

  key mydomain.com.pem
  cert mydomain.com.pem
  chaingroup PROVIDER
  ssl advanced-options PARAMMAP_SSL_TERMINATION

to become

ssl-proxy service SSL_PSERVICE_SERVER
  key mydomain.com.pem
  key subdomain.mydomain.com.pem
  cert mydomain.com.pem
  cert subdomain.mydomain.com.pem
  chaingroup PROVIDER
  ssl advanced-options PARAMMAP_SSL_TERMINATION

 

Can I do it that way or do I have to add a new service / policy / etc. ?

 

Thanks !

Laurent

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Hi Laurent,You will need to

Hi Laurent,

You will need to add the new certificate in new ssl-proxy. I did a quick test and added couple of certificates in ssl-proxy and i see it only took the last one which i added. When i see in show running-config, it shows me the last one only.

Regards,

Kanwal

2 REPLIES
Cisco Employee

Hi Laurent,You will need to

Hi Laurent,

You will need to add the new certificate in new ssl-proxy. I did a quick test and added couple of certificates in ssl-proxy and i see it only took the last one which i added. When i see in show running-config, it shows me the last one only.

Regards,

Kanwal

New Member

thanks a lot Kanwal ! very

thanks a lot Kanwal ! very clear and helpful.

72
Views
0
Helpful
2
Replies
CreatePlease to create content