You need to use SSL::renegotiate and something like
when CLIENTSSL_HANDSHAKE {
if { [SSL::cert count] > 0 } {
if { $http_collected eq 1 } {
HTTP::release
set http_collected 0
}
}
}
when HTTP_REQUEST {
if { ([HTTP::host] eq "siteB.com") && ([HTTP::uri] starts_with "/admin/") } {
if {[SSL::cert count] == 0} {
set http_collected 1
HTTP::collect
SSL::session invalidate
SSL::authenticate always
SSL::authenticate depth 9
SSL::cert mode require
SSL::renegotiate enable
SSL::renegotiate
}
}
}
Note: this is a modified example from the SSL::renegotiate page, and has not been tested, so YMMV