Forum Discussion

N__197982

Nimbostratus

Sep 18, 2017

iRule to disable Client SSL even when SSL Profile(Client) is selected in the VIP.

Folks, I am looking for an iRule which will help me disable SSL negotiation when the incoming request does not have SSL. The VIP I am going to configure is already going to have SSL certificate in it...

application delivery

iRules

Stanislas_Piro2

Cumulonimbus

Sep 18, 2017

Hi,

how can you know it is SSL or not? based on TCP port?

you can use following irule :

when CLIENT_ACCEPTED {
    if { [TCP::local_port] == 80 } {
        SSL::disable
    }
}

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

announcement

Appworld2026

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

iRule to disable Client SSL even when SSL Profile(Client) is selected in the VIP.

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

In Using the AST tool am I pointing it to TENANTS or to the F5OS(hardware) I have?

2026 is Almost Here

can you help with getting a BigIP virtual edition serial key

VIP is not responding on SYN after enabling other modules like ASM, APM and AFM.

VIP in https that redirect to another vip in https

Related Content

SSL Profiles Part 8: Client Authentication

How to disable weak cipher from Client SSL Profile

Client SSL Profile

Client vs Server SSL profile

TLS Fingerprinting to profile SSL/TLS clients without decryption

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS