Note - I'm a F5 newbie. but :) the approach I would take - and trying to keep it simple. KISS
is move SSL to the F5 make every one connect via here. if you have multipaths it just causing pain.
You want a break fix solution, put in a policy , irule, or ??? something that gives the devs emergency access if needed, straight through rule, that is only ip based or some limiting factor.
if the problem is the app being behind a reverse proxy .. well that will need some testing before hand.
But ... I don't know your environment so ... there might be other mitigating factors