Transcription of Catalyst 6500 Series Switch SSL Services Module Command ...
1 Corporate HeadquartersCisco Systems, West Tasman DriveSan Jose, CA 95134-1706 : 408 526-4000800 553-NETS (6387)Fax: 408 526-4100 Catalyst 6500 Series Switch SSL Services Module Command ReferenceRelease Part Number: OL-9105-01 THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR cisco REPRESENTATIVE FOR A cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB s public domain version of the UNIX operating system.
2 All rights reserved. Copyright 1981, Regents of the University of California. NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED AS IS WITH ALL FAULTS. cisco AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE NO EVENT SHALL cisco OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF cisco OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH , CCVP, the cisco Square Bridge logo, Follow Me Browsing, and StackWise are trademarks of cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, and iQuick Study are service marks of cisco Systems, Inc.
3 ; and Access Registrar, Aironet, BPX, Catalyst , CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, cisco , the cisco Certified Internetwork Expert logo, cisco IOS, cisco Press, cisco Systems, cisco Systems Capital, the cisco Systems logo, cisco Unity, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, FormShare, GigaDrive, GigaStack, HomeLink, Internet Quotient, IOS, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, LightStream, Linksys, MeetingPlace, MGX, the Networkers logo, Networking Academy, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, ProConnect, RateMUX, ScriptShare, SlideCast, SMARTnet, The Fastest Way to Increase Your Internet Quotient, and TransPath are registered trademarks of cisco Systems, Inc. and/or its affiliates in the United States and certain other countries. All other trademarks mentioned in this document or Website are the property of their respective owners.
4 The use of the word partner does not imply a partnership relationship between cisco and any other company. (0601R) Catalyst 6500 Series Switch SSL Services Module Command Reference 2006 cisco Systems, Inc. All rights 6500 Series Switch SSL Services Module Command ReferenceOL-9105-01 CONTENTSP refaceviiAudienceviiOrganizationviiRelat ed DocumentationviiConventionsviiiObtaining Documentation DVDixOrdering DocumentationxDocumentation FeedbackxCisco Product Security OverviewxReporting Security Problems in cisco ProductsxiObtaining Technical AssistancexiCisco Technical Support & Documentation WebsitexiSubmitting a Service RequestxiiDefinitions of Service Request SeverityxiiObtaining Additional Publications and InformationxiiiCHAPTER 1 Command -Line Interface1-1 Getting Help1-1 How to Find Command Options1-2 Understanding Command Modes1-5 cisco IOS User Interface1-5 Using the No and Default Forms of Commands1-6 Using the CLI String Search1-7 Regular Expressions1-7 Alternation1-10 Anchoring1-10 Parentheses for Recall1-11 ContentsivCatalyst 6500 Series Switch SSL Services Module Command ReferenceOL-9105-01
5 CHAPTER 2 Commands for the Catalyst 6500 Series Switch SSL Services Module2-1clear ssl-proxy conn2-2clear ssl-proxy content2-3clear ssl-proxy session2-4clear ssl-proxy stats2-5crypto pki export pem2-7crypto pki import pem2-9crypto pki export pkcs122-11crypto pki import pkcs122-13crypto key decrypt rsa2-15crypto key encrypt rsa2-16crypto key export rsa pem2-17crypto key import rsa pem2-19crypto key lock rsa2-21crypto key unlock rsa2-22debug ssl-proxy2-23do2-26interface ssl-proxy2-27natpool2-30policy health-probe tcp2-31policy http-header2-34policy ssl2-39policy tcp2-45policy url-rewrite2-49pool ca2-51service2-52service client2-56show interfaces ssl-proxy2-59show ssl-proxy buffers2-60show ssl-proxy certificate-history2-61show ssl-proxy conn2-64show ssl-proxy context2-67show ssl-proxy crash-info2-68show ssl-proxy mac address2-70show ssl-proxy natpool2-71 ContentsvCatalyst 6500 Series Switch SSL Services Module Command ReferenceOL-9105-01show ssl-proxy policy2-72show ssl-proxy service2-75show ssl-proxy stats2-77show ssl-proxy status2-82show ssl-proxy version2-84show ssl-proxy vlan2-85snmp-server enable2-86ssl-proxy context2-87ssl-proxy crypto selftest2-89ssl-proxy mac address2-90ssl-proxy pki2-91ssl-proxy crypto key unlock rsa2-93ssl-proxy ip-frag-ttl2-94ssl-proxy ssl ratelimit2-95standby authentication2-96standby delay minimum reload2-97standby ip2-99standby mac-address2-101standby mac-refresh2-103standby name2-104standby preempt2-105standby priority2-107standby redirects2-109standby timers2-111standby track2-113standby use-bia2-115standby version2-116 APPENDIX AAcronymsA-1 APPENDIX BAcknowledgments for Open-Source SoftwareB-1 INDEXC ontentsviCatalyst 6500 Series Switch SSL Services Module Command ReferenceOL-9105-01viiCatalyst 6500 Series Switch SSL Services Module Command ReferenceOL-9105-01
6 PrefaceThis preface describes the audience, organization, and conventions of this publication, and provides information on how to obtain related publication is for experienced network administrators who are responsible for configuring and maintaining Catalyst 6500 Series publication is organized as follows:Related DocumentationThe Catalyst 6500 Series Switch cisco IOS documentation set includes these documents: Release Notes for Catalyst 6500 Series Switch SSL Services Module Release Catalyst 6500 Series Switch SSL Services Module Configuration Note Catalyst 6500 Series Switch SSL Services Module System Message Guide Catalyst 6500 Series Switch SSL Services Module Installation and Verification Note Catalyst 6500 Series Switch cisco IOS Software Configuration GuideChapterTitleDescriptionChapter 1 Command -Line InterfaceDescribes the Catalyst 6500 Series Switch 2 Commands for the Catalyst 6500 Series Switch SSL Services ModuleLists alphabetically and provides detailed information for commands specific to the Catalyst 6500 Series Switch SSL Services AAcronymsDefines the acronyms used in this 6500 Series Switch SSL Services Module Command ReferenceOL-9105-01 PrefaceConventionsThe cisco IOS documentation set includes these documents.
7 Configuration Fundamentals Configuration Guide Command ReferenceFor information about MIBs, refer to this URL: document uses the following conventions:ConventionDescriptionboldfac e fontCommands, Command options, and keywords are in fontArguments for which you supply values are in italics.[ ]Elements in square brackets are optional.{ x | y | z }Alternative keywords are grouped in braces and separated by vertical bars. Braces can also be used to group keywords and/or aguments; for example, {interface interface type}.[ x | y | z ]Optional alternative keywords are grouped in brackets and separated by vertical nonquoted set of characters. Do not use quotation marks around the string or the string will include the quotation fontTerminal sessions and information the system displays are in screen screen fontInformation you must enter is in boldface screen screen fontArguments for which you supply values are in italic screen font.
8 ^The symbol ^ represents the key labeled Control for example, the key combination ^D in a screen display means hold down the Control key while you press the D key.< >Nonprinting characters, such as passwords are in angle brackets.[ ]Default responses to system prompts are in square brackets.!, #An exclamation point (!) or a pound sign (#) at the beginning of a line of code indicates a comment 6500 Series Switch SSL Services Module Command ReferenceOL-9105-01 PrefaceObtaining DocumentationNotes use the following conventions:NoteMeans reader take note. Notes contain helpful suggestions or references to material not covered in the use the following conventions:Caution Means reader be careful. In this situation, you might do something that could result in equipment damage or loss of DocumentationCisco documentation and additional literature are available on cisco also provides several ways to obtain technical assistance and other technical resources.
9 These sections explain how to obtain technical information from cisco can access the most current cisco documentation at this URL: can access the cisco website at this URL: can access international cisco websites at this URL: Documentation DVDC isco documentation and additional literature are available in the Product Documentation DVD package, which may have shipped with your product. The Product Documentation DVD is updated regularly and may be more current than printed Product Documentation DVD is a comprehensive library of technical product documentation on portable media. The DVD enables you to access multiple versions of hardware and software installation, configuration, and Command guides for cisco products and to view technical documentation in HTML. With the DVD, you have access to the same documentation that is found on the cisco website without being connected to the Internet. Certain products also have.
10 Pdf versions of the documentation Product Documentation DVD is available as a single unit or as a subscription. Registered users ( cisco direct customers) can order a Product Documentation DVD (product number DOC-DOCDVD=) from cisco Marketplace at this URL: 6500 Series Switch SSL Services Module Command ReferenceOL-9105-01 PrefaceDocumentation FeedbackOrdering DocumentationBeginning June 30, 2005, registered users may order cisco documentation at the Product Documentation Store in the cisco Marketplace at this URL: users can order technical documentation from 8:00 to 5:00 (0800 to 1700) PDT by calling 1 866 463-3487 in the United States and Canada, or elsewhere by calling 011 408 519-5055. You can also order documentation by e-mail at or by fax at 1 408 519-5001 in the United States and Canada, or elsewhere at 011 408 FeedbackYou can rate and provide feedback about cisco technical documents by completing the online feedback form that appears with the technical documents on can send comments about cisco documentation to can submit comments by using the response card (if present) behind the front cover of your document or by writing to the following address: cisco SystemsAttn: Customer Document Ordering170 West Tasman DriveSan Jose, CA 95134-9883We appreciate your Product Security OverviewCisco provides a free online Security Vulnerability Policy portal at this URL: this site, you can perform these tasks: Report security vulnerabilities in cisco products.