11-14
User
Guide

for

the

Cisco

Application

Networking

Manager

5.2
OL-26572-01
Chapter
11






Configuring

SSL
Using
SSL

Keys
Generating
SSL

Key

Pairs
The
ACE

can

generate

SSL

RSA

key

pairs

if

you

do

not


have

any

matching

key

pairs.
Procedure
Step
1
Choose
the

item

to

configure:


To
configure

a

virtual

context,

choose
Config
>

Devices

>

context

>

SSL

>

Keys.


To
configure

a

building

block,

choose
Config
>

Global

>

building_block

>

SSL

>

Keys.
The
Keys

t

able

appears.
For
the

ACE

module

A2(3.0),

ACE

appliance

A4(1.0),

and

later

releases

of

either

device

type,

the
cisco-sample-key
key

pair

is

included

in

the

list.

For

information

about

this

sample

key

pair,

see

the
“Using
SSL

Certificates”

section

on

pa

ge

11-5 .
Step
2
In
the

Keys

table,

click
Add
to

add

a

new

key

pair.
The
Keys

configuration

window

appears.
Note
You
cannot

modify
an
existing
entry
in

the

Keys

table.

Instead,
delete
the

existing
entry,
then
add
a

new

one.
Step
3
In
the

Keys

configuration

window,

enter

the
information
in
Ta
b

l

e
11-6
.
Step
4
Do
one

of

the

following:


Click
Deploy
Now

to

deploy
this

configuration

on

t

he
ACE
and

save

your

entries

t

o

the
running-configuration
and

startup-configuration

files.


Click
Cancel
to
exit

this

procedure

without
saving
your

entries

and

to

return

to

the
Keys
table.
Ta
b

l

e


11-6
Key
Attributes
Field
Description
Name
Name
of

the

SSL

key

pair.

Valid

entries

are

alphanumeric

strings

up

to

64

characters.
Size
(Bits)
Key
pair

security

strength.

The

number

of

bits

i

n

the

key

pair

file

defines

the

si

ze

of

t

he

RSA

key
pair
used

to

secure

Web

transactions.

Longer

keys

produce

more

secure

implementations

by
increasing
the

strength

of

the

RSA

security

policy.

Options

and

their

relative

levels

of

security

are
as
follows:


512—Least
security


768—Normal
security


1024—High
security,

level

1


1536—High
security,

level

2


2048—High
security,

level

3
Ty
p

e
RSA
is

a

public-key

cryptographic

system

used

for

authentication.
Exportable
Key
Check
box

that

specifies

that

the

key

pair

file

can

be

exported.

Uncheck

the

check

box

to

indicate
that
the

key

pair

file

cannot

be

exported.