Cisco Cisco MGX-FRSM-HS2 B Serial Frame Service Module 發佈版本通知
3
Release Notes for Catalyst 6500 Series SSL Services Module Software Release 1.x
OL-3396-03
Orderable Software Images
Orderable Software Images
lists the software versions and applicable ordering information for the SSL software.
New Features in Software Release 1.2
This section describes the new features available in SSL software release 1.2:
•
Generation of self-signed certificates for testing purposes
You can generate multiple self-signed certificates for testing SSL proxy services by entering the test
crypto pki self command.
crypto pki self command.
•
Automatic backup of configuration to NVRAM
The Flash file system saves the entire configuration, not just the changes to the configuration. If
there is a power failure during the write process, the entire configuration (including private keys)
is lost. This feature automatically backs up the last saved configuration. If the current write process
fails, the configuration is restored to the previous configuration automatically.
there is a power failure during the write process, the entire configuration (including private keys)
is lost. This feature automatically backs up the last saved configuration. If the current write process
fails, the configuration is restored to the previous configuration automatically.
•
Remove implicit VIP and VLAN binding
This feature removes the implicit bind between virtual IP address (VIP) and VLANs.
•
Support for privacy-enhanced mail (PEM) file format for importing and exporting key pairs and
certificates
certificates
•
SSL session timeout/session cache size
If a session ID is found in the session cache table, the client and server can do a short handshake
instead of the full handshake, which reduces the handshake overhead. The SSL timeout session and
session-cache size subcommands allow you to configure how long an entry stays in the session
cache and the session-cache size.
instead of the full handshake, which reduces the handshake overhead. The SSL timeout session and
session-cache size subcommands allow you to configure how long an entry stays in the session
cache and the session-cache size.
•
TCP reassembly timeout
The TCP reassembly timeout feature drops connections that reside in the reassembly queue for a
extended period of time. This feature is enabled by default. If connections do not complete
reassembly within a set period of time (the default is 60 seconds), they are marked and dropped to
free up resources.
extended period of time. This feature is enabled by default. If connections do not complete
reassembly within a set period of time (the default is 60 seconds), they are marked and dropped to
free up resources.
•
Manual certificate enrollment (TFTP and cut-and-paste)
The manual certificate enrollment (TFTP and cut-and-paste) feature allows you to generate a
certificate request and accept certificate authority certificates as well as the router’s certificates;
these tasks are accomplished through a TFTP server or manual cut-and-paste operations.
certificate request and accept certificate authority certificates as well as the router’s certificates;
these tasks are accomplished through a TFTP server or manual cut-and-paste operations.
•
Up to eight levels of certificate authority
This feature allows you to use a certificate authority of three or more levels.
Table 2
Orderable Software Images
Software Version
Filename
Orderable Product Number
1.2(2)
c6svc-ssl-k9y9.1-2-2.bin
SC-SVC-SSL-1.2-K9
1.2(1)
c6svc-ssl-k9y9.1-2-1.bin
SC-SVC-SSL-1.2-K9
1.1(1)
c6svc-ssl-k9y9.1-1-1.bin SC-SVC-SSL-1.1.1-K9