The SSL::profile Command Is Valid In Which Events?

The rule of thumb is any event that makes sense in the protocol ordering and context. So let's say that SSL is at OSI layer 6 (or 5 depending on which reference you read). In the client side context, therefore, the SSL::profile command will work in any event after layer 4 and before layer 7, which is pretty much just CLIENT_ACCEPTED and CLIENT_DATA. Using it in HTTP_REQUEST is too late. The same goes for the server side context. The proxy will establish a TCP layer 4 session with the server, negotiate SSL, and then pass the layer 7 traffic, so you need to use SSL::profile in the server side context after layer 4 and before layer 7, which is safely the SERVER_CONNECTED event, but can be used elsewhere.