SSL::enable

Description

Re-enables SSL processing.
Note that the proper use of this command is highly protocol dependent and not recommended in the majority of cases. To selectively enable SSL processing, you should instead use an ssl profile and then use SSL::disable to selectively disable SSL processing.
If a server-side connection is already established, this command will immediately cause the system to generate a Client Hello to a server, even if an iRule subsequently invokes SSL::disable serverside. That is, the command synchronously enables the Server SSL profile, instead of waiting until the end of the current iRule event execution.

Syntax

SSL::enable [clientside | serverside]

SSL::enable [clientside | serverside]

  • Re-enables SSL processing on one side of the LTM.
  • serverside parameter may optionally be specified to indicate the context in which SSL will be enabled. By default, it will be enabled in the current context (i.e., running “SSL::enable” in a clientside event with no context parameter specified will enable clientside SSL).

Examples

when CLIENT_ACCEPTED {
  if { !([IP::addr [IP::client_addr] eq 10.0.0.0/8]) } {
    SSL::enable
    TCP::release
    set sslenable 0
 }