Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2115
Views
0
Helpful
2
Replies

SSL Acceleration Config

simmo
Level 1
Level 1

‎01-15-2014 07:29 PM

Hi All,

can you help clarify my understanding on how to configure SSL Acceleration..... I have do essentially do 3 things...

1st, enable the SSL Accelerator under Accelerator Optimization (at both data centre and branch office WAAS Devices), but this will do nothing on it's own.

Secondly, on the Data Centre WAAS, under SSL Accelerated Services, I have to create a service, that is 'bound' to the host/server that is providing SSL Services (ie any web host that uses https to). This will allow the WAAS to proxy the certificates that would normally flow between client and host.

Then, I need to repeat the above step for all SSL servers.

Finally, I need to ensure that Secure Storage is configured, so that when the WAAS decrypted the SSL packets, it will not be vunerable to allowing unauthorised viewing of that info. This is acheived simply by clicking 'initialize secure store' under Configure > Security > Secure Store

Thanks in advance!

Cheers, Simmo.

0 Helpful
2 Replies 2

csebala_r1
Level 1
Level 1

‎01-21-2014 04:43 AM

Hi,

Cisco WAAS has an option to create self-signed certificates and private keys/ Generate certificate signing request (Our own CA) or this can imported from existing certificate and key if we have them.

When a connection is requested, the WAN optimization device in the data center splits the original SSL connection from the client to the SSL server into two SSL connections. To the client the connection appears as the SSL server, and to the SSL server it appears as the SSL client. To act as the SSL server, the data center WAN optimization device needs an authentication certificate for each SSL service it is optimizing. When the WAN optimization device intercepts a connection request from a client, it uses the SSL server IP address/domain name to associate the certificate with the client.

You can refer below link for configuring the SSL and moreover you can view the white paper for example

http://www.cisco.com/en/US/docs/app_ntwk_services/waas/waas/v501/configuration/guide/policy.html#wp1191888

0 Helpful

Prabhu S
Level 1
Level 1

‎01-23-2014 01:21 AM

Hi,

Please find the SSL Integration method  between DC WAVE and Branch WAVEas below url

http://www.cisco.com/en/US/prod/collateral/contnetw/ps5680/ps6870/deployment_guide_c07-541981.html

0 Helpful
Customers Also Viewed These Support Documents