ltm rule command SSL profile

iRule(1)		      BIG-IP TMSH Manual		      iRule(1)



SSL::profile
       Switch between different SSL profiles.

SYNOPSIS
       SSL::profile PROFILE_OBJ

DESCRIPTION
       This command allows you to switch between SSL profiles, both client and
       server. Note: This should be done before the SSL negotiation occurs, or
       your rule will require the use of the SSL::renegotiate command.

       In order to switch SSL profiles, a profile must be assigned to the
       virtual to begin with; switching the clientssl profile requires an
       existing clientssl profile, and similarly for serverssl profiles. You
       can also use SSL::disable to use SSL selectively.

RETURN VALUE
       SSL::profile 
	   Switch to the defined SSL profile.

VALID DURING
       ANY_EVENT

EXAMPLES
	when CLIENT_ACCEPTED {
	    if { [IP::addr [IP::client_addr] eq $specific_ip] } {
		SSL::profile host1_profile
	    } else {
		SSL::profile ssl_profile2
	    }
	}

	when HTTP_REQUEST {
	    SSL::renegotiate
	}

	when SERVER_CONNECTED {
	    if {[LB::server port] == 443 } {
		SSL::profile serverssl_profile
	    } else {
		SSL::disable
	    }
	}

HINTS
SEE ALSO
CHANGE LOG
       @BIGIP-9.0.3 --First introduced the command.



BIG-IP				  2017-01-31			      iRule(1)