Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module

policy http-header

In addition to the standard HTTP headers, the following header information is inserted:

Note The alias name (My-Session-Cipher) is used instead of the standard name (session-cipher-name).

SSL-OFFLOAD-Client-IP:7.100.100.1

SSL-OFFLOAD-Client-Port:59008

SSL-OFFLOAD-SOFTWARE VERSION:3.1(1)

SSL-OFFLOAD-module:SSL MODULE - CATALYST 6500

SSL-OFFLOAD-type-of-proxy:server_proxy_1024_bit_key_size

SSL-OFFLOAD-Session-Id:33:FF:2C:2D:25:15:3C:50:56:AB:FA:5A:81:0A:EC:E9:00:00:0A:03:00:60:

2F:30:9C:2F:CD:56:2B:91:F2:FF SSL-OFFLOAD-My-Session-Cipher:RC4-SHA SSL-OFFLOAD-Session-Cipher-Key-Size:128 SSL-OFFLOAD-Session-Cipher-Use-Size:128 SSL-OFFLOAD-Session-Step-Up:FALSE SSL-OFFLOAD-Session-Initial-Cipher-Key-Size: SSL-OFFLOAD-Session-Initial-Cipher-Name: SSL-OFFLOAD-Session-Initial-Cipher-Use-Size: SSL-OFFLOAD-ClientCert-Valid:1 SSL-OFFLOAD-ClientCert-Error:none

SSL-OFFLOAD-ClientCert-Fingerprint:1B:11:0F:E8:20:3F:6C:23:12:9C:76:C0:C1:C2:CC:85 SSL-OFFLOAD-ClientCert-Subject-CN:a SSL-OFFLOAD-ClientCert-Issuer-CN:Certificate Manager SSL-OFFLOAD-ClientCert-Certificate-Version:3 SSL-OFFLOAD-ClientCert-Serial-Number:0F:E5 SSL-OFFLOAD-ClientCert-Data-Signature-Algorithm:sha1WithRSAEncryption SSL-OFFLOAD-ClientCert-Subject:OID.1.2.840.113549.1.9.2 = ste2-server.cisco.com + OID.2.5.4.5 = B0FFF22E, CN = a, O = Cisco

SSL-OFFLOAD-ClientCert-Issuer:CN = Certificate Manager, OU = HSS, O = Cisco, L = San Jose, ST = California, C = US

SSL-OFFLOAD-ClientCert-Not-Before:22:29:26 UTC Jul 30 2003

SSL-OFFLOAD-ClientCert-Not-After:07:00:00 UTC Apr 27 2006

SSL-OFFLOAD-ClientCert-Public-Key-Algorithm:rsaEncryption SSL-OFFLOAD-ClientCert-RSA-Public-Key-Size:1024 bit SSL-OFFLOAD-ClientCert-RSA-Modulus-Size:1024 bit SSL-OFFLOAD-ClientCert-RSA-Modulus:B3:32:3C:5E:C9:D1:CC:76:FF:81:F6:F7:97:58:91:4D:B2:0E: C1:3A:7B:62:63:BD:5D:F6:5F:68:F0:7D:AC:C6:72:F5:72:46:7E:FD:38:D3:A2:E1:03:8B:EC:F7:C9:9A: 80:C7:37:DA:F3:BE:1F:F4:5B:59:BD:52:72:94:EE:46:F5:29:A4:B3:9B:2E:4C:69:D0:11:59:F7:68:3A: D9:6E:ED:6D:54:4E:B5:A7:89:B9:45:9E:66:0B:90:0B:B1:BD:F4:C8:15:12:CD:85:13:B2:0B:FE:7E:8D: F0:D7:4A:98:BB:08:88:6E:CC:49:60:37:22:74:4D:73:1E:96:58:91 SSL-OFFLOAD-ClientCert-RSA-Exponent:00:01:00:01 SSL-OFFLOAD-ClientCert-X509v3-Authority-Key-Identifier:keyid=EE:EF:5B:BD:4D:CD:F5:6B:60: 9D:CF:46:C2:EA:25:7B:22:A5:08:00 SSL-OFFLOAD-ClientCert-X509v3-Basic-Constraints: SSL-OFFLOAD-ClientCert-Signature-Algorithm:sha1WithRSAEncryption

SSL-OFFLOAD-ClientCert-Signature:87:09:C1:F8:86:C1:15:C5:57:18:8E:B3:0D:62:E1:0F:6F:D4:9D: 75:DA:5D:53:E2:C6:0B:73:99:61:BE:B0:F6:19:83:F2:E5:48:1B:D2:6C:92:83:66:B3:63:A6:58:B4:5C: 0E:5D:1B:60:F9:86:AF:B3:93:07:77:16:74:4B:C5 SSL-OFFLOAD-ClientCert-X509v3-Subject-Alternative-Name: ipAddress=192.168.1.100,rfc822Name=my@other.com SSL-OFFLOAD-ClientCert-X509v3-Key-Usage: Digital Signature,Non-Repudiation,Key Encipherment,

Data Encipherment,Key Agreement,Key Cert Sign,CRL Signature,Encipher Only,Decipher Only

SSL-OFFLOAD-ClientCert-X509v3-Authority-Information-Access: Access Method=OCSP,Access

Location=http://ocsp.my.host/"

SSL-OFFLOAD-ClientCert-X509v3-CRL-Distribution-Points: http://myhost.com/myca.crl

Related Commands show ssl-proxy policy

Catalyst 6500 Series Switch SSL Services Module Command Reference

2-38

OL-9105-01

 

 

Page 63 Page 65
Page 64
Image 64
Cisco Systems 6500 manual Related Commands show ssl-proxy policy, SSL-OFFLOAD-SOFTWARE VERSION3.11
Page 63 Page 65
Top Page Image Contents