Forum Discussion
helm123_141710
Jan 28, 2015 Nimbostratus
iRule with different SSL profiles depending on the pool.
Converting another load balancing device to the F5 and have a question that I just can't seem to find the answer for. I have an HTTPS virtual server that is going to load balance different pools based ...
Jan 28, 2015
Hi helm123,
the typical requirement would be to:
- provide the expected certificate to the client during handshake
- inspect http-payload (requires established SSL/TLS connection between client and virtual server)
- make a forwarding decision (considering persistency)
- re-encrypt http-payload before forwarding to selected real server (aka pool member)
For SSL/TLS termination between client and virtual server the client-ssl profile(s) is/are relevant.
For SSL/TLS communication between load balancer and real server the server-ssl profile(s) is/are relevant.
The client-ssl profile(s) contain(s) the server certificate, private key and intermediate CA certificate provided to the client.
The server-ssl profile(s) would contain client certificates to be provided to the real server (not required that often).
Switching SSL profiles is supported before doing the SSL/TLS handshake, i.e. after the CLIENT_ACCEPTED event is fired (right after the 3-way handshake).
They cannot be changed after the SSL/TLS connection has been established to send a payload through the encrypted "tunnel".
I hope this helps a bit regarding the F5 terminology. :)
Thanks, Stephan
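
The timing described in the reply above, as an added iRule example that is not part of the original post or F5's own code. All profile names, pool names, host names and the address are hypothetical, and it assumes the virtual server already has a default client-ssl and server-ssl profile attached:

```tcl
# Added example. Profile, pool and host names and the IP address are
# hypothetical. Assumes default client-ssl and server-ssl profiles are
# already attached to the virtual server.

when CLIENT_ACCEPTED {
    # The TCP 3-way handshake is done; the client-side TLS handshake is not.
    # Only L3/L4 data is available here, so the client-ssl profile
    # (certificate, key, chain) is chosen by the address the client hit.
    if { [IP::addr [IP::local_addr] equals 192.0.2.10] } {
        SSL::profile /Common/clientssl_app_a
    }
}

when HTTP_REQUEST {
    # Client-side TLS is established and the request is decrypted, so the
    # client-ssl profile is fixed from here on. The server-side handshake
    # has not started yet, so the server-ssl profile can still be chosen
    # together with the pool.
    set host [string tolower [getfield [HTTP::host] ":" 1]]
    switch $host {
        "app-a.example.com" {
            pool pool_app_a
            SSL::profile /Common/serverssl_app_a
        }
        "app-b.example.com" {
            pool pool_app_b
            SSL::profile /Common/serverssl_app_b
        }
        default {
            # Keep the server-ssl profile attached to the virtual server
            pool pool_default
        }
    }
}
```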