Forum Discussion

Nimbostratus

Aug 13, 2014

Force SSL Profile Based on URL

I've a requirement to force SSL profile based on URL. I've created two different client SSL profile i.e. wildcard_ssl & wildcard_ssl_strong. Then I tried to create an iRules contains the following: ...

Nacreous

Aug 15, 2014

Hi,

maybe you can try something like this :

  when HTTP_REQUEST {
  if {[HTTP::uri] starts_with "/securearea/" } {
      HTTP::collect
      SSL::session invalidate
      SSL::profile ssl_profile2
      SSL::renegotiate enable
      SSL::renegotiate
  }
}

Yann

Yann_Desmarest_

Nacreous

Aug 15, 2014

without HTTP::collect :)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Force SSL Profile Based on URL

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

ASM/AWAF declarative policy

Changes to DO and AS3 GitHub - no longer monitored

Help with SSH Virtual Server

GRE Tunnel Issue

Help with an iRule to disconnect active connections to Pool Members that are "offline"

Related Content

HTTP Brute Force Mitigation Playbook: Bot Profile for Brute Force Mitigations - Chapter 5

Extend visibility - BIG-IP joins forces with CrowdStrike

Stop Using the Base TCP Profile!

TLS server_name extension based routing without clientssl profile

SSH Brute Force Protection with SSH Proxy

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS