ltm rule command SSL profile
iRule(1) BIG-IP TMSH Manual iRule(1)
SSL::profile
Switch between different SSL profiles.
SYNOPSIS
SSL::profile PROFILE_OBJ
DESCRIPTION
This command allows you to switch between SSL profiles, both client and
server. Note: This should be done before the SSL negotiation occurs, or
your rule will require the use of the SSL::renegotiate command.
In order to switch SSL profiles, a profile must be assigned to the
virtual to begin with; switching the clientssl profile requires an
existing clientssl profile, and similarly for serverssl profiles. You
can also use SSL::disable to use SSL selectively.
RETURN VALUE
SSL::profile
Switch to the defined SSL profile.
VALID DURING
ANY_EVENT
EXAMPLES
when CLIENT_ACCEPTED {
if { [IP::addr [IP::client_addr] eq $specific_ip] } {
SSL::profile host1_profile
} else {
SSL::profile ssl_profile2
}
}
when HTTP_REQUEST {
SSL::renegotiate
}
when SERVER_CONNECTED {
if {[LB::server port] == 443 } {
SSL::profile serverssl_profile
} else {
SSL::disable
}
}
HINTS
SEE ALSO
CHANGE LOG
@BIGIP-9.0.3 --First introduced the command.
BIG-IP 2017-01-31 iRule(1)