Forum Discussion

Nimbostratus

Mar 29, 2005

session {add|delete} ssl question

I found this code from Code Share. rule c_cert_session { when RULE_INIT { set ::key [AES::key 128] log local0. "the key is: $::key" } when CLIENTSSL_CLIENTCERT { ...

Historic F5 Account

Mar 29, 2005

Have you considered forcing a SSL re-negotiation after a certain time out has been reached? Here is an example ...

when CLIENT_ACCEPTED {  
     set http_collect 0  
  }  
    
  when HTTP_REQUEST {  
     if {[HTTP::request_num] > 10} {  
        SSL::renegotiate  
        HTTP::collect  
        set http_collect 1  
     }  
  }  
    
  when CLIENTSSL_HANDSHAKE {  
    if {$http_collect == 1} {  
       set http_collect 0  
       HTTP::release  
    }  
  }

You will at least be able to verify that the client still has the card.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

session {add|delete} ssl question

AppWorld Berlin iRules Contest!

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

Recent Discussions

How to Verify config before loading to F5

VIP control across data centers - how to ensure only 1 VIP is up at a time?

FQDN Node Configuration

Limit connection per VS and redirect user

APM and Datasafe

Related Content

F5 Architecture Track Sessions - AppWorld 2026

MCP Session Affinity With F5 NGINX Plus

Question about healthchecks

LLM Streaming Session Pinning for WebSocket AI Gateways

TLS Stateful vs Stateless Session Resumption

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS