Forum Discussion
Mr_Moody
Oct 16, 2020Nimbostratus
Thank you for the response. Your answer helped me end up with the below. The key was that the ssl profile assigned to the VS had to be set to ignore.
when HTTP_REQUEST {
if {[HTTP::uri] starts_with "/uri1" || [HTTP::uri] starts_with "/uri2"} {
if {not [matchclass [IP::remote_addr] equals NOCERT_IP_LIST]} {
SSL::session invalidate
SSL::authenticate always
SSL::authenticate depth 9
SSL::cert mode require
set cmd "SSL::profile /Common/require_clientssl"
eval $cmd
SSL::renegotiate
event disable all
}
}
}