Filter
Top Products
3-54
Catalyst 6500 Series Switch Content Switching Module with SSL Command Reference
OL-7029-01
Chapter 3 Commands Specific to the Content Switching Module with SSL
ssl-proxy policy http-header
ssl-proxy policy http-header
To enter the HTTP header insertion configuration submode, use the ssl-proxy policy http-header
command.
ssl-proxy policy http-header http-header-policy-name
Syntax Description
Defaults This command has no default settings.
Command Modes Global configuration
Command History
Usage Guidelines In HTTP header insertion configuration submode, you can define the HTTP header insertion content
policy that is applied to the payload.
HTTP header insertion allows you to insert additional HTTP headers to indicate to the real server that
the connection is actually an SSL connection. These headers allows server applications to collect correct
information for each SSL session and/or client.
You can insert these header types:
• Client Certificate—Client certificate header insertion allows the back-end server to see the attributes
of the client certificate that the SSL module has authenticated and approved. When you specify
client-cert, the SSL module passes the following headers to the back-end server:
–
Client IP and Port Address—Network address translation (NAT) removes the client IP address
and port information. When you specify client-ip-port, the SSL module inserts the client IP
address and information about the client port into the HTTP header, allowing the server to see
the client IP address and port.
–
Custom—When you specify custom custom-string, the SSL module inserts the user-defined
header into the HTTP header.
–
Prefix—When you specify prefix prefix-string, the SSL module adds the specified prefix into
the HTTP header to enable the server to identify that the connections are coming from the SSL
module, not from other appliances.
• SSL Session—Session headers, including the session ID, are used to cache client certificates that
are based on the session ID. The session headers are also cached on a session basis if the server
wants to track connections that are based on a particular cipher suite. When you specify session, the
SSL module passes information that is specific to an SSL connection to the back-end server as
session headers.
http-header-policy-name HTTP header policy name.
Release Modification
SSL Services Module
Release 2.1(1)
Support for this command was introduced on the Catalyst 6500 series
switches.
CSM-S release 1.1(1) This command was introduced.