Forum Discussion

N__197982

Nimbostratus

Sep 18, 2017

iRule to disable Client SSL even when SSL Profile(Client) is selected in the VIP.

Folks, I am looking for an iRule which will help me disable SSL negotiation when the incoming request does not have SSL. The VIP I am going to configure is already going to have SSL certificate in it...

application delivery

irules

stan_piron

Cumulonimbus

Sep 18, 2017

Hi,

how can you know it is SSL or not? based on TCP port?

you can use following irule :

when CLIENT_ACCEPTED {
    if { [TCP::local_port] == 80 } {
        SSL::disable
    }
}

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

iRule to disable Client SSL even when SSL Profile(Client) is selected in the VIP.

Jeff - May 2026 Featured F5er

AppWorld Berlin 2026 – iRules Contest Winning Results

One Quick Step to Make your website AI-Agent/MCP Ready with an iRule

Recent Discussions

certitcate error

Layered ASM for APM login page protection

migrate from serie I to R. Cluster LTM-GTM

APM URL encoding Hardening?

Trial License for F5 virtual edition in eve-ng

Related Content

SSL Profiles Part 8: Client Authentication

How to disable weak cipher from Client SSL Profile

Client SSL Profile

Client vs Server SSL profile

TLS Fingerprinting to profile SSL/TLS clients without decryption

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS