Policy Http-Header - Cisco Catalyst 6500 Series Command Reference Manual

policy http-header

policy http-header
To enter the HTTP header insertion configuration submode, use the policy http-header command.
Syntax Description http-header-policy-name
Defaults This command has no default settings.
Command Modes Context subcommand mode
Command History Release
SSL Services Module
Release 2.1(1)
SSL Services Module
Release 3.1(1)
Usage Guidelines In HTTP header insertion configuration submode, you can define the HTTP header insertion content
policy that is applied to the payload.
HTTP header insertion allows you to insert additional HTTP headers to indicate to the real server that
the connection is actually an SSL connection. These headers allow server applications to collect correct
information for each SSL session and/or client.
You can insert these header types:
•
Field To Insert
ClientCert-Valid
ClientCert-Error
ClientCert-Fingerprint
Catalyst 6500 Series Switch SSL Services Module Command Reference
2-34
policy http-header http-header-policy-name
Modification
Support for this command was introduced on the Catalyst 6500 series
switches.
The policy http-header command (entered in context subcommand
mode) replaces the ssl-proxy policy http-header command (entered in
global subcommand mode).
This command was changed to add the following submode commands:
client-cert pem
•
alias
•
Client Certificate—Client certificate header insertion allows the back-end server to see the attributes
of the client certificate that the SSL module has authenticated and approved. When you specify
client-cert, the SSL module passes the following headers to the back-end server:
Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module
HTTP header policy name.
Description
Certificate validity state
Error conditions
Hash output
OL-9105-01