12-04-2002 10:45 AM
I figure this would work, but am looking for some confirmation.
Thanks!
Clayton
12-10-2002 12:14 PM
This is from a Cisco documentation:
The Clients send encrypted traffic on port 443, the standard SSL port. The CSM listens on port 443 and load balances the encrypted traffic to an internal "server farm" of SSL modules. The selected SSL Service Module decrypts the traffic, stamps it with a SSL Session ID, opens a clear-text connection to a Versatile Interface Processor (VIP) on the CSM, and sends the traffic to a port that has been configured to receive "decrypted SSL traffic", for examples port 81.
12-10-2002 12:59 PM
Thanks, however in our case we are not using the SSL module.
I have since ruled out using ssl persistence due to Internet Explorer renegoting the SSL session ID every two minutes. This would break the persistence.
I do have a new question. I have not had any luck doing a keepalive check against an https port. I see that there is keepalive http, but no keepalive https. The standard http one fails against ssl enabled ports.
12-10-2002 05:55 PM
HI,
An option to do SSL keepalive may be to use a TCP based keepalive on port 443.
Regards
12-10-2002 07:37 PM
Thanks, That is what I ended up doing. It would be nice to perform an actual GET of a page. Sometimes our applications will hang, but the tcp port will still be listening.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide