Configure SSL monitoring when client authentication is enabled on the back-end service 编辑

September 14, 2021 Contributed by:  S

Configure SSL monitoring when client authentication is enabled on the back-end service

Consider a scenario in which you need to load balance servers that require SSL client certificates to validate clients. For this deployment, add the following configuration:

  • Create an SSL service on the Citrix ADC appliance
  • Add an HTTPS monitor
  • Add a certificate-key pair
  • Bind this certificate-key pair to the SSL service
  • Bind the HTTPS monitor to this service.

You can use this https monitor to perform health checks on the back-end services.


Configure SSL monitoring with client certificate

  1. Open an SSH connection to the appliance by using an SSH client, such as PuTTY.

  2. Log on the appliance by using the administrator credentials.

  3. Add an SSL service. At the command prompt, type:

    add service <name> <serverName> <serviceType> <port><!--NeedCopy-->
  4. Add an https monitor. At the command prompt, type:

    add lb monitor <name> <type><!--NeedCopy-->
  5. Add the certificate-key pair that is going to be used as the client cert for that SSL service. At the command prompt, type:

    add ssl certKey <certkeyName> -cert <string> -key <string><!--NeedCopy-->
  6. Bind this certificate-key pair to the SSL service. At the command prompt, type:

    bind ssl service <serviceName> -certkeyName <string><!--NeedCopy-->
  7. Bind the https monitor to the SSL service. At the command prompt, type:

    bind service <name> -monitorName <string><!--NeedCopy-->

Example:

add service ssl_svc 198.51.100.100 SSL 443Doneadd lb monitor ssl_mon HTTPDoneadd ssl certKey abccert -cert serverabc.pem -key serverabc.kyDonebind ssl service ssl_svc -certkeyName abccertDonebind service ssl_svc -monitorName ssl_monDone<!--NeedCopy-->

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。
列表为空,暂无数据

词条统计

浏览:68 次

字数:2497

最后编辑:7 年前

编辑次数:0 次

    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文