Forum Discussion
Anderson_Castro
Oct 22, 2014Nimbostratus
See the following settings:
ltm virtual gestores2-rj2.bnymellon.com.br-vip-443 {
auth {
**dreyfusbrascan_ca_profile**
}
destination 170.61.199.134:https
ip-protocol tcp
mask 255.255.255.255
persist {
source_addr_ {
default yes
}
}
pool gestores2-rj2.bnymellon.com.br-pool-80
profiles {
gestores2.bnymellon.com.br-clientssl {
context clientside
}
microsoft_iis_https_http-wan-optimized-compression_shared_http { }
tcp-custom-30min { }
}
}
____________________________________
ltm auth profile dreyfusbrascan_ca_profile {
configuration dreyfusbrascan_ca_cfg
credential-source http-basic-auth
defaults-from ssl_ocsp
idle-timeout 5400
rule auth_ssl_ocsp8
}
_______________________
ocsp responder DreyfusBrascanCA_CRL {
url "http://170.61.198.73/ocsp"
ca file "Dreyfus-ca-bundle.crt"
ignore aia enable
nonce disable
validity period 3600
_________________
ltm profile client-ssl gestores2.bnymellon.com.br-clientssl {
allow-non-ssl disabled
authenticate once
authenticate-depth 9
ca-file intermediate-ca-bundle.crt
cert sma.bnymellon.com.br.10152014.crt
chain intermediate-ca-bundle.crt
client-cert-ca Dreyfus-ca-bundle.crt
defaults-from clientssl
key sma.bnymellon.com.br.10152014.key
peer-cert-mode request
renegotiate-max-record-delay 4294967295
renegotiate-period 3600
renegotiation enabled
secure-renegotiation request
strict-resume enabled
unclean-shutdown enabled
}
___________