SSL disable/enable based on SSL Cipher

Question

I want to enable/disable SSL based on SSL Cipher version.
I have created the following iRule, but it does not work as expected.
when CLIENTSSL_CLIENTHELLO { 
    log local0. "[SSL::cipher version]"
    if { [SSL::cipher version] &lt;= "TLSv1.2" } {
        SSL::disable
        pool pool_1
}
    else {
        SSL::enable
        pool pool_2
    }
}

I confirming that traffic forward with the specified Pool.
Could you tell me how to make the expected behavior?

youssef1 · Answer

Hi,&nbsp;
You want to disable SSL in server side? or client side?&nbsp;
Because if you want to disable SSL on client side it will be dificult. because your negotiation ssl is already started, that's what allows you to determine the protocol...&nbsp;
Can you explain exactly your context / need (why you want to do this). we could give you a better alternative.&nbsp;
regards&nbsp;

Forum Discussion

SSL disable/enable based on SSL Cipher

Recent Discussions

APM with EntraID as idP / request signed

Should config via cli rather than gui?

Background Tasks

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Cipher Suites Supported (12.1.5.3)

Enable/Disable pool member

HowTo disable/enable VServer based on timetable?

Enabling or disabling a pool member

Cipher suite mismatch advertisement/warning

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS