
bindsslvserver_policy

Use this method to bind a policy to an SSL virtual server.

Syntax



Parameters

vservername

Name of the SSL virtual server.
This is a mandatory parameter.

policyname

Name of the SSL policy to bind to the SSL virtual server.

priority

Integer specifying the policy's priority. The lower the number, the higher the priority.
Maximum value = 64000.

gotopriorityexpression

Expression or other value specifying the next policy to be evaluated if the current policy evaluates to TRUE. Specify one of the following values:
* NEXT - Evaluate the policy with the next higher priority number.
* END - End policy evaluation.
* USE_INVOCATION_RESULT - Applicable if this policy invokes another policy label. If the final goto in the invoked policy label has a value of END, the evaluation stops. If the final goto is anything other than END, the current policy label performs a NEXT.
* An expression that evaluates to a number.
If you specify an expression, the number to which it evaluates determines the next policy to evaluate, as follows:
* If the expression evaluates to a higher numbered priority, the policy with that priority is evaluated next.
* If the expression evaluates to the priority of the current policy, the policy with the next higher numbered priority is evaluated next.
* If the expression evaluates to a number that is larger than the largest numbered priority, policy evaluation ends.
An UNDEF event is triggered if:
* The expression is invalid.
* The expression evaluates to a priority number that is numerically lower than the current policy's priority.
* The expression evaluates to a priority number that is between the current policy's priority number (say, 30) and the highest priority number (say, 100), but does not match any configured priority number (for example, the expression evaluates to the number 85). This example assumes that the priority number increments by 10 for every successive policy, and therefore a priority number of 85 does not exist in the policy label.
Default value = "END".
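
The goto rules above can be checked before binding with a small model. This is an added example, not code from the appliance or its API; the names resolve_goto and audit_bindings are hypothetical, the priority lists are constructed, and a numeric expression is represented by the integer it evaluated to (None stands for an invalid expression).

```python
# Added illustration of the goto rules described above; not NetScaler code.
END, UNDEF = "END", "UNDEF"

def _next_higher(priorities, current):
    """Priority number that follows `current`, or END if none is bound."""
    higher = sorted(p for p in priorities if p > current)
    return higher[0] if higher else END

def resolve_goto(priorities, current, goto, invoked_final_goto=None):
    """Return the next priority to evaluate, END, or UNDEF.

    priorities: priority numbers bound at this bind point (constructed input)
    current: priority of the policy that just evaluated to TRUE
    goto: "NEXT", "END", "USE_INVOCATION_RESULT", an int standing for the
          value a numeric expression evaluated to, or None if it is invalid
    invoked_final_goto: final goto of the invoked policy label, if any
    """
    if goto == "END":
        return END
    if goto == "NEXT":
        return _next_higher(priorities, current)
    if goto == "USE_INVOCATION_RESULT":
        # END in the invoked label stops evaluation; anything else acts as NEXT.
        if invoked_final_goto == "END":
            return END
        return _next_higher(priorities, current)
    if not isinstance(goto, int) or isinstance(goto, bool):
        return UNDEF                    # invalid expression
    if goto < current:
        return UNDEF                    # numerically lower than current
    if goto == current:
        return _next_higher(priorities, current)
    if goto > max(priorities):
        return END                      # larger than the largest priority
    # Between current and highest: must match a configured priority.
    return goto if goto in priorities else UNDEF

def audit_bindings(bindings):
    """bindings: {priority: goto}. Return priorities whose goto yields UNDEF."""
    prios = list(bindings)
    return sorted(p for p, g in bindings.items()
                  if resolve_goto(prios, p, g) == UNDEF)

if __name__ == "__main__":
    label = list(range(10, 101, 10))    # constructed: priorities 10..100
    for value in ("NEXT", 30, 80, 85, 20, 110):
        print(value, "->", resolve_goto(label, 30, value))
```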

invoke

Invoke policies bound to a virtual server, service, or user-defined policy label. After the invoked policies are evaluated, the flow returns to the policy with the next priority.

labeltype

Type of policy label to invoke.
Possible Values : vserver, service, policylabel.

labelname

Name of the policy label, virtual server, or service to invoke if the current policy rule evaluates to TRUE.

type

Bind point to which to bind the policy. Possible Values: REQUEST, INTERCEPT_REQ, CLIENTHELLO_REQ and CLIENT_AUTH_VAL_REQ. These bind points mean:
1. REQUEST: Policy evaluation is done at the application layer above SSL. This bind point is the default and is used for actions based on clientauth and client cert.
2. INTERCEPT_REQ: Policy evaluation is done during the SSL handshake to decide whether to intercept or not. Actions allowed with this type are: INTERCEPT, BYPASS and RESET.
3. CLIENTHELLO_REQ: Policy evaluation is done during handling of the Client Hello request. Actions allowed with this type are: RESET, FORWARD, PICKCACERTGRP and OCSPSTAPLING.
4. CLIENT_AUTH_VAL_REQ: Policy evaluation is performed during the verification of the client certificate. The action allowed with this type is: OCSPCERTVALIDATION.
Default value = NS_VS_REQ.
Possible Values : INTERCEPT_REQ, REQUEST, CLIENTHELLO_REQ, CLIENT_AUTH_VAL.

Return Value

Returns simpleResult
