Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

SSL-server cipher command

Good day,

Just like to find out what does the "ssl-server xxx cipher" command do? is it something to do with SSL module & web servers communication?

i have this command on my configuration but it seems that the CSS donot talk to the web servers properly.

!*********************** SSL PROXY LIST ***********************

ssl-proxy-list SSL-LIST01

ssl-server 100

ssl-server 100 vip address 10.180.6.1

ssl-server 100 rsakey RSAKEYASSOCIATION1

ssl-server 100 rsacert CERTASSOCIATIO1

ssl-server 100 cipher rsa-with-rc4-128-sha 10.180.6.1 80

active

!************************** SERVICE **************************

service DETDRSERVER01

ip address 10.180.6.35

port 80

active

service DETDRSERVER02

ip address 10.180.6.37

port 80

active

service SSL-MODULE01

type ssl-accel

keepalive type none

slot 3

add ssl-proxy-list SSL-LIST01

active

!*************************** OWNER ***************************

owner OWNER

content DRSERVERS-HTTP-RULE

vip address 10.180.6.1

balance aca

add service MYDRSERVER02

add service MYDRSERVER01

protocol tcp

port 80

active

content DRSERVERS-SSL-RULE

vip address 10.180.6.1

application ssl

protocol tcp

port 443

add service SSL-MODULE01

active

when i tried it from IE, I get the certificate but it doesn't connect to the web server homepage.

What is the command to see the traffic between CSS & web servers.

Any help appreciated.

Thanks.

1 REPLY
Silver

Re: SSL-server cipher command

To assign a cipher suite to the virtual SSL server, use the ssl-server number cipher command. For each available SSL version, there is a distinct list of supported cipher suites representing a selection of cryptographic algorithms and parameters. Your choice depends on your environment, certificates and keys in use, and security requirements. By default, no supported cipher suites are enabled. Use the no form of this command to remove a cipher suite from the server.

For more information have a look at http://www.cisco.com/en/US/products/hw/contnetw/ps792/products_command_reference_chapter09186a008011940f.html#1139899

281
Views
0
Helpful
1
Replies
CreatePlease to create content