SSL actions and policies
An SSL policy evaluates incoming traffic and applies a predefined action to requests that match a rule (expression). Configure the actions before creating the policies, so that you can specify an action when you create a policy. To put a policy into effect, do one of the following:
- Bind the policy to a virtual server on the appliance, so that it applies only to traffic flowing through that virtual server.
- Bind the policy globally, so that it applies to all traffic flowing through the appliance.
SSL actions define SSL settings that you can apply to the selected requests. You associate an action with one or more policies. Data in client connection requests or responses is compared to a rule specified in the policy, and the action is applied to connections that match the rule (expression).
You can configure classic policies with classic expressions and Advanced policy policies with Advanced policy expressions for SSL.
Note: Users who are not experienced in configuring policies at the CLI usually find using the configuration utility to be considerably easier.
You can associate a user-defined action or a built-in action to a Advanced policy. Classic policies allow only user-defined actions. In Advanced policy, you can also group policies under a policy label, in which case they are applied only when invoked from another policy.
Common uses of SSL actions and policies include per-directory client authentication, support for Outlook web access, and SSL-based header insertions. SSL-based header insertions contain SSL settings required by a server whose SSL processing has been offloaded to the NetScaler appliance.