Overview Of The Ssl Module Functions In The Css - Cisco 11503 - CSS Content Services Switch Configuration Manual

Chapter 1 Overview of CSS SSL

Overview of the SSL Module Functions in the CSS

OL-5655-01
Table 1-1 SSL Module SSL Cryptography Capabilities (continued)
SSL Cryptography
Function
Digital certificates
The CSS 11503 and CSS 11506 support multiple SSL modules; a maximum of
two in a CSS 11503 and a maximum of four in a CSS 11506. The CSS 11501
supports a single integrated SSL module.
The SSL module is responsible for all user authentication, public/private key
generation, certificate management, and packet encryption and decryption
functions between the client and the server. It is dependent on the Switch Module
to provide the interface for processing network traffic and the Switch Control
Module (SCM) to send and receive configuration information.
The CSS stores all certificates and keys on the SCM disk. The CSS supports a
maximum of 256 certificates and 256 key-pairs per SSL module, which equals
approximately 3 MB of storage space on the disk. The CSS stores all certificate-
and key-related files in a secure location on the disk. When processing
connections, the CSS loads the certificates and keys into volatile memory on the
SSL module for faster access.
Overview of the SSL Module Functions in the CSS
Functions Supported by the SSL Module
The SSL module supports all major digital
certificates from Certificate Authorities (CAs),
including those listed below:
VeriSign
•
Entrust
•
Netscape iPlanet
•
Windows 2000 Certificate Server
•
• Thawte
Equifax
•
Genuity
•
Cisco Content Services Switch SSL Configuration Guide
1-7