The iRule will automatically be applied after the decryption. The events you're using (HTTP events) are processed after the BIG-IP has already decrypted the traffic.
As far as an iRule to redirect everything coming to
www.example.com without the /WebEdition URI, it looks like you want something like:
when HTTP_REQUEST {
if { [HTTP::host] eq "www.example.com" } {
if { (!([HTTP::uri] starts_with "/WebEdition")) or ([TCP::local_port] != 443) } {
HTTP::redirect "https://www.example.com/WebEdition"
}
}
}
That should work for both encrypted and plaintext traffic, assuming they're both feeding into the VIP that has this iRule on it.
Colin