The (IIS) site has a certificate but its use is not mandated.
In a new environment to whichi we are migrating, we have SSL offloading. We still want one DNS entry for thissite.here.com, and this ought to be an IP addresses held by the SSL module - but this only works if (paradoxically), that SLL module can also be sent not to mandate the use of SSL.
In most environments, you don't use the SSL module alone, but rather along with a load balancer. In those cases, you can configure the load-balancer with the same IP address for two different ports and then send the SSL traffic to the SSLM and the rest to the servers directly.
If you are using a standalone SSLM, then, I'm afraid this is not possible.
By the way, I'm surprised to hear you are doing a new setup with the SSLM, as it's almost obsolete (see
VMware Trunk Port Group is supported from ACI version 2.1
VMM integration must be configured properly
ASA device package must be uploaded to APIC
ASAv version must be compatible with ACI and device package version
In the Previous articles of ACI Automation, we are using Postman/Newman as the Rest API tool to automate the ACI Configuration.
In this article I’m going to discuss on usin...
One of the first steps in building your ACI Fabric is to go through Fabric Discovery. While Fabric Discovery is usually a straightforward process, there are various issues that may prevent you from discovering an ACI switch. This article wil...