Forum Discussion
Help disabling SSL encryption on VS using SSL offload per host name
This is generally not possible in the HTTP context. By the time you get to layer 7 HTTP evaluation, the layer 5/6 SSL has already happened. You would necessarily need to enable/disable SSL processing at layer 3/4 (IP subnets) or potentially at layer 5/6 SSL. The SSL layer switching would be a bit more complicated, and would rely on the client's ability to send the server name in the CLIENTHELLO message - a function of the TLS protocol. Older clients (ie. WinXP and earlier) would not be able to do this.
Optionally, you could simply re-encrypt to the server side, based on the Host header. Your above iRule would then work if you changed "clientside" to "serverside".
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com