Filter
Top Products
2-35
Catalyst 6500 Series Switch SSL Services Module Command Reference
OL-9105-01
Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module
policy http-header
• Client Certificate in PEM format—When you specify client-cert pem, the SSL module sends the
entire client certificate in PEM format.
• Client IP and Port Address—Network address translation (NAT) removes the client IP address and
port information. When you specify client-ip-port, the SSL module inserts the client IP address and
information about the client port into the HTTP header, allowing the server to see the client IP
address and port.
• Custom—When you specify custom custom-string, the SSL module inserts the user-defined header
into the HTTP header.
• Prefix—When you specify prefix prefix-string, the SSL module adds the specified prefix into the
HTTP header to enable the server to identify that the connections are coming from the SSL module,
not from other appliances.
• Header alias—Some applications use different names for the standard header. You can create an
alias for the standard name of the header so that the same value is passed using the aliased name
instead of the standard name that the SSL Services Module sends. If you have specified a prefix for
header insertion, the prefix is also applied to the aliased name.
ClientCert-Subject-CN X.509 subject’s common name
ClientCert-Issuer-CN X.509 certificate issuer’s common name
ClientCert-Certificate-Version X.509 certificate version
ClientCert-Serial-Number Certificate serial number
ClientCert-Data-Signature-Algorithm X.509 hashing and encryption method
ClientCert-Subject X.509 subject’s distinguished name
ClientCert-Issuer X.509 certificate issuer’s distinguished name
ClientCert-Not-Before Certificate is not valid before this date
ClientCert-Not-After Certificate is not valid after this date
ClientCert-Public-Key-Algorithm The algorithm used for the public key
ClientCert-RSA-Public-Key-Size Size of the RSA public key
ClientCert-RSA-Modulus-Size Size of the RSA private key
ClientCert-RSA-Modulus RSA modulus
ClientCert-RSA-Exponent The public RSA exponent
ClientCert-X509v3-Authority-Key-Identifier X.509 authority key identifier
ClientCert-X509v3-Basic-Constraints X.509 basic constraints
ClientCert-X509v3-Key-Usage X.509 key usage
ClientCert-X509v3-Subject-Alternative-Name X.509 subject alternative name
ClientCert-X509v3-CRL-Distribution-Points X.509 CRL distribution points
ClientCert-X509v3-Authority-Information-Access X.509 authority information access
ClientCert-Signature-Algorithm Certificate signature algorithm
ClientCert-Signature Certificate signature
Field To Insert Description