Installation guide

9-11

Device Manager Guide, Cisco ACE 4700 Series Application Control Engine Appliance

OL-26645-02

Chapter 9 Configuring SSL

Using SSL Keys

Step 4 Do the following:

• Click OK to accept your entries and to return to the Certificates table. The ACE Appliance Device

Manager updates the Certificates table with the newly installed certificate.

• Click Cancel to exit this procedure without saving your entries and to return to the Certificates table.

Related Topics

• Configuring SSL, page 9-1

• Using SSL Keys, page 9-11

• Importing SSL Key Pairs, page 9-12

• Configuring SSL Parameter Maps, page 9-19

• Configuring SSL Chain Group Parameters, page 9-25

• Configuring SSL CSR Parameters, page 9-26

• Configuring SSL Proxy Service, page 9-28

Using SSL Keys

An ACE appliance and its peer use a public key cryptographic system named Rivest, Shamir, and

Adelman Signatures (RSA) for authentication during the SSL handshake to establish an SSL session.

The RSA system uses key pairs that consist of a public key and a corresponding private (secret) key.

During the handshake, the RSA key pairs encrypt the session key that both devices will use to encrypt

the data that follows the handshake.

Use this procedure to view options for working with SSL and SSL keys.

Procedure

Step 1 Choose Config > Virtual Contexts > context > SSL > Keys. The Keys table appears.

Step 2 Continue with one of the following options:

• Generate a key pair—See Generating SSL Key Pairs, page 9-15.

• Import a key pair—See Importing SSL Key Pairs, page 9-12.

• Export a key pair—See Exporting SSL Key Pairs, page 9-18.

• Generate a CSR—See Generating CSRs, page 9-27.