14-90
User
Guide

for

the

Cisco

Application

Networking

Manager

5.2
OL-26572-01
Chapter
14






Configuring

Traffic

Policies
Configuring
Actions

Lists


Session
Parameters—SSL

session
parameters
that

the

ACE

and

client
negotiate
during

the

SSL
handshake.


Server
Certificate

Fields—Information

regarding
the
SSL
server

certificate

that
resides
on

the

ACE.


Client
Certificate

Fields—Information

regarding

the

SSL

client

certificate

that

the

ACE

retrieves
from
t

he

client

when

you

configure

the

ACE

to

perform

cl

ient

authentication.
Note
To
prevent

HTTP

header

spoofing,

the

ACE

deletes

any

incoming

HTTP

headers

that

match

one

of

the
headers
that

it

is

going

to

insert

into

the

HTTP

request.
By
default,

the

ACE

inserts

the

SSL

header

information

into

the

first

HTTP

request

only

that

it

receives
over
the

connection.

When

the

ACE

and

client

need

to

renegotiate

their

connection,

the

ACE

updates

the
HTTP
header

information

t

hat

i

t

send

t

o

the

ser

ver

to

reflect

t

he

new

session

parameters.

You

can

also
instruct
the

ACE

to

insert

the

session

information

into

every

HTTP

request

that

it

receives

over

the
connection
by

creating

an

HTTP

parameter

map

with

either

the

Header

Modify

Per-Request

or

HTTP
Persistence
Rebalance

options

enabled

(see

the

“Configuring

HTTP

Parameter

Maps”

section

on
page
10-9 ).
Note
The
maximum
amount

of

data

that

the

ACE

can

insert

is

512
bytes.
The
ACE
truncates

the
data
if

it
exceeds
this

limit.
Procedure
Step
1
Choose
Config
>

Devices

>

context

>

Expert

>

HTTP

Header

Modify

Action

Lists.
The
HTTP

Header

Modify

Action

Lists

table

appears.
Step
2
In
the

HTTP

Header

Modify
Action
Lists

table,

do

one

of

the

following:


To
add
a
new

action

list,

click
Add.
In

the

Action

List

Name

field,

enter

a

unique

name

for

the

action
list.
Valid

entries

are

unquoted

text

strings

with

a

ma

ximum

of

64

a

lphanumeric

characters.

Click
Deploy
Now

when

completed

to

save

the

configuration

and

display

the

editing

tabs.


To
edit

an

existing

action

list,

choose

the
action
list

and
click
Edit
to

display

the

editing

tabs.
Step
3
Click
the
SSL
Header

Insert

ta

b.
The
SSL

Header

Insert

table

appears.
Step
4
In
the

SSL

Header

Insert

table,

click
Add
to

add
a
new

entry

to

the

SSL

Header

Insert

table.
The
SSL

Header

Insert

configuration

window

appears.

Enter

the

required

information

as

shown

in
Ta
b

l

e


14-37 .
Ta
b

l

e


14-37
SSL
Action

Configuration

Window

Fields
Header
Action

Field
Description
/

Action
Request
Type
of

SSL

header

information

to

insert

into

the

HTTP

request:


Client-Certificate—Information
about
the
client
certificate
that

the

ACE

retrieves

from

the
client.


Server-Certificate—Information
about

the

server

certificate

t

hat

resides

on
the
ACE.


Session—Information
about

the

session

parameters
that
the
ACE
and

client
negotiated
during

the
SSL
handshake.