Using Client And Server Certificate Authentication; Example: Configuring Server Certificate Authentication - Cisco CSS11501S-C-K9 Configuration Manual

Chapter 4 Using the Configuration Manager

Using Client and Server Certificate Authentication

Example: Configuring Server Certificate Authentication

78-13124-06
To further ensure transaction security, client or server certificate authentication
can be configured on servers. Backend and reverse-proxy servers can be
configured for server certificate authentication; basic secure servers can be
configured for client certificate authentication. To use either of these certificate
authentication methods, a certificate group must have been created.
Server certification authentication can be configured on both backend and
reverse-proxy servers. The configuration procedure for both server types is nearly
identical. This example demonstrates how to configure an existing backend server
for server certificate authorization using the certificate group servTrustGroup. The
domain name (for backend server configuration only) is www.mycorp.com.
Several options are available for authentication errors to ignore. In this example
the backend server is set to not ignore errors, resulting in immediate
disconnection.
Initiate a management session as described previously.
1.
2. Enter Privileged and Configuration modes.
SCA> enable
SCA# configure
(config[myDevice])#
Enter SSL Configuration mode and Backend Server Configuration mode for
3.
the server myBackServ.
(config[myDevice])# ssl
(config-ssl[myDevice])# backend-server myBackServ
(config-ssl-backend[myBackServ])#
Cisco 11000 Series Secure Content Accelerator Configuration Guide
Using Client and Server Certificate Authentication
4-21