Chapter 3 Commands Specific to the Content Switching Module with SSL

ssl-proxy policy http-header

Table 3-3lists the commands available in HTTP header insertion configuration submode.

 

 

Table 3-3

HTTP Header Insertion Configuration Submode Command Descriptions

 

 

 

 

 

 

 

 

client-cert

 

Allows the back-end server to see the attributes of the client certificate

 

 

 

 

that the SSL module has authenticated and approved.

 

 

 

 

 

 

 

 

client-ip-port

 

Inserts the client IP address and information about the client port into

 

 

 

 

the HTTP header, allowing the server to see the client IP address and

 

 

 

 

port.

 

 

 

 

 

 

 

custom custom-string

Inserts the custom-stringheader into the HTTP header.

 

 

 

 

 

 

 

 

prefix

 

Adds the prefix-stringto the HTTP header to enable the server to

 

 

 

 

identify the connections that come from the SSL module, not from

 

 

 

 

other appliances.

 

 

 

 

 

 

 

 

session

 

Passes information that is specific to an SSL connection to the

 

 

 

 

back-end server as session headers.

 

 

 

 

 

 

 

 

 

 

 

Examples

 

This example shows how to enter the HTTP header insertion configuration submode:

 

 

ssl-proxy (config)# ssl-proxy policy http-header test1

 

 

ssl-proxy (config-http-header-policy)#

 

 

This example shows how to allow the back-end server to see the attributes of the client certificate that

 

 

the SSL module has authenticated and approved:

 

 

ssl-proxy (config-http-header-policy)# client-cert

 

 

ssl-proxy (config-http-header-policy)#

 

 

This example shows how to insert the client IP address and information about the client port into the

 

 

HTTP header, allowing the server to see the client IP address and port:

 

 

ssl-proxy (config-http-header-policy)# client-ip-cert

 

 

ssl-proxy (config-http-header-policy)#

 

 

This example shows how to insert the custom-string header into the HTTP header:

 

 

ssl-proxy (config-http-header-policy)# custom SSL-Frontend:Enable

 

 

ssl-proxy (config-http-header-policy)#

 

 

This example shows how to add the prefix-string into the HTTP header:

 

 

ssl-proxy (config-http-header-policy)# prefix

 

 

ssl-proxy (config-http-header-policy)#

 

 

This example shows how to pass information that is specific to an SSL connection to the back-end server

 

 

as session headers:

 

 

 

 

ssl-proxy (config-http-header-policy)# session

 

 

ssl-proxy (config-http-header-policy)#

 

 

show ssl-proxy policy

 

 

Related Commands

 

 

 

Catalyst 6500 Series Switch Content Switching Module with SSL Command Reference

 

OL-7029-01

3-55

 

 

 

Page 277
Image 277
Cisco Systems OL-7029-01 manual Custom custom-string