Chapter 3 Commands Specific to the Content Switching Module with SSL

ssl-proxy service client

ssl-proxy service client

Syntax Description

Defaults

Command Modes

Command History

To enter the client proxy-service configuration submode, use the ssl-proxy service client command.

ssl-proxy service ssl-proxy-nameclient

ssl-proxy-nameSSL proxy service name.

Client NAT is disabled.

Global configuration

Release

Modification

SSL Services Module

Support for this command was introduced on the Catalyst 6500 series

Release 2.1(1)

switches.

CSM-S release 1.1(1) This command was introduced.

Usage Guidelines In client proxy-service configuration submode, you specify thattheproxy serviceacceptclear-texttraffic, encryptitinto SSL traffic,and forward itto theback-end SSL server.

In most cases, all of the SSL-server-proxy configurations that are performed are also valid for the SSL-client-proxy configuration, except for the following:

You must configure a certificate for the SSL-server-proxy but you do not have to configure a certificate for the SSL-client-proxy. If you configure a certificate for the SSL-client-proxy, that certificate is sent in response to the certificate request message that is sent by the server during the client-authentication phase of handshake protocol.

The SSL policy is attached to the virtual subcommand for ssl-server-proxy where as it is attached to server SSL-client-proxy subcommand.

Each proxy-service or proxy-client configuration submode command is entered on its own line. Table 3-9lists the commands that are available in proxy-client configuration submode.

Table 3-9

Proxy-client Configuration Submode Command Descriptions

 

 

 

 

 

Syntax

 

Description

 

 

 

 

certificate rsa general-purpose trustpoint

Configures the certificate with RSA general-purpose keys and associates a

 

trustpoint-name

trustpoint to the certificate.

 

 

 

 

default {certificate inservice nat server

Sets a command to its default settings.

 

virtual}

 

 

 

 

 

 

 

 

exit

 

Exits from proxy-client configuration submode.

 

 

 

 

 

help

 

Provides a description of the interactive help system.

 

 

 

 

 

inservice

 

Declares a proxy client as administratively up.

 

 

 

 

 

 

 

 

Catalyst 6500 Series Switch Content Switching Module with SSL Command Reference

 

 

 

 

3-70

 

 

OL-7029-01

 

 

 

 

 

Page 291 Page 293
Page 292
Image 292
Cisco Systems OL-7029-01 manual Ssl-proxy service client, Exits from proxy-client configuration submode
Page 291 Page 293
Top Page Image Contents