Product Documentation

Binding SSL Policies to a Virtual Server

Sep 01, 2016

The SSL policies that are configured on the NetScaler appliance need to be bound to a virtual server that intercepts traffic directed to the virtual server. If the incoming data matches any of the rules configured in the SSL policy, the policy is triggered and the action associated with it is carried out.

You can also bind SSL policies globally or to custom bind points on the NetScaler appliance. For more information about binding policies on the appliance, see .

To bind an SSL policy to a virtual server by using the command line interface

At the command prompt, type the following command to bind an SSL policy to a virtual server and verify the configuration:

  • bind ssl vserver <vServerName> -policyName <string> [-priority <positive_integer>]
  • show ssl vserver <vServerName>

Example

 
> bind ssl vserver vs-server -policyName ssl-policy-1 -priority 10 
 Done 
> show ssl vserver vs-server 
 
        Advanced SSL configuration for VServer vs-server: 
        DH: DISABLED 
        Ephemeral RSA: ENABLED          Refresh Count: 1000 
        Session Reuse: ENABLED          Timeout: 120 seconds 
        Cipher Redirect: DISABLED 
        SSLv2 Redirect: DISABLED 
        ClearText Port: 80 
        Client Auth: DISABLED 
        SSL Redirect: ENABLED 
        SSL-REDIRECT Port Rewrite: ENABLED 
        Non FIPS Ciphers: DISABLED 
        SSLv2: DISABLED SSLv3: ENABLED  TLSv1: ENABLED 
 
1)      Policy Name: ssl-policy-1        Priority: 10 
 
1)      Cipher Name: DEFAULT 
        Description: Predefined Cipher Alias 
 Done 

To bind an SSL policy to a virtual server by using the configuration utility

  1. Navigate to Traffic Management > Load Balancing > Virtual Servers, and open an SSL virtual server.
  2. In Advanced Settings, select SSL Policy, Click in the SSL Policy section to bind to the virtual server.