Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

SSL offloading on ACE

Hi all,

I'm working on deployment of ACE appliances for our customer. They want to terminate SSL connections on the ACE. But it's not HTTP encrypted inside.

It's some proprietary protocol encrypted inside the SSL. Here, the server contacts the client first, after the TCP/SSL connection is established.

But with ACE, after the SSL is set up, the ACE is waiting for some message from the client.

What I need is to instruct the ACE to establish the TCP connection to real server immediately after the SSL handshake is done.

Unfortunately, end-to-end SSL is not an option. The real server does not support SSL.

Does anyone have similar experience? Or some magic command, which would do this?

4 REPLIES
Silver

Re: SSL offloading on ACE

It seems like the bug CSCsk70822

Community Member

Re: SSL offloading on ACE

Actually, we're running latest OS:

Version A3(2.0) build 3.0(0)A3(2.0)

I'd say this behavior is standard. ACE waits for HTTP GET message before it initiates TCP session to real server.

The question is, how to change it..

Cisco Employee

Re: SSL offloading on ACE

disable persistence rebalance with a parameter-map and it will open the connection right after the ssl handshake without waiting for some data.

Gilles.

Community Member

Re: SSL offloading on ACE

will try. thanks for hint.

359
Views
0
Helpful
4
Replies
CreatePlease to create content