Installation guide
9-5
Device Manager Guide, Cisco ACE 4700 Series Application Control Engine Appliance
OL-26645-02
Chapter 9 Configuring SSL
SSL Setup Sequence
For more information about using SSL with ACE appliances, see the SSL Guide, Cisco ACE Application
Control Engine.
To configure ACE appliances for SSL, see the following topics:
• Importing SSL Certificates, page 9-8
• Importing SSL Key Pairs, page 9-12
• Configuring SSL Parameter Maps, page 9-19
• Configuring SSL CSR Parameters, page 9-26
• Configuring SSL Chain Group Parameters, page 9-25
• Configuring SSL Proxy Service, page 9-28
• Configuring SSL OCSP Service, page 9-30
SSL Setup Sequence
The SSL setup sequence provides detailed instructions with illustrations for configuring SSL using the
ACE Appliance Device Manager (Figure 9-2). The purpose of this option is to provide a visual guide for
performing typical SSL operations, such as SSL CSR generation, SSL proxy creation, and so on. This
option does not replace any existing SSL functions or configuration screens already present in ACE
Appliance Device Manager. It is only intended as an additional guide for anyone unfamiliar or unclear
with the SSL operations that need to be performed on the ACE. From the SSL setup sequence, you are
allowed to configure all SSL operations, without duplicating the edit/delete/table/view operations that
the other SSL configuration screens provide.
The purpose of this option is to provide details about typical SSL flows and the operations involved in
performing typical SSL operations, including the following:
• SSL import/create keys
• SSL import certificates
• SSL CSR generation
• SSL proxy creation
Note The SSL Setup Sequence in the ACE Device Manager uses the terms SSL Policies and SSL Proxy Service
interchangeably.
Step 11
Configure CRL. See Configuring CRLs for Client Authentication, page 9-33.
Step 12
Configure an SSL
OCSP service
See Configuring SSL OCSP Service, page 9-30.
Table 9-1 SSL Key and Certificate Procedure Overview (continued)
Task Description