Forum Discussion
hooleylist
Jul 08, 2010Cirrostratus
Hi MW,
That sounds very complicated but potentially doable. I spent a little time trying to renegotiate an SSL handshake on an HTTP response and it didn't seem to work. So if you can, it might be easier to redirect clients in step 2 to a new URL that you request a client cert for. You could combine that cert request with an HTTP::retry to kill the client's session.
I'd set aside a fair amount of time to write such a rule. It would be ideal if you could upgrade to 10.1.0 or 10.2.0 so you have a current version to work on.
Aaron