We are looking to implement a solution whereby users must use SSL to access a particular web app if they have the correct client cert. For users who don't have the cert yet we want the solution to automatically revert to use HTTP for this app and continue. We want it to be seamless to the user.
We plan on using the BIG-IP for the SSL termination at the perimeter.
Can the big-ip detect that the users machine doesn't have the cert and redirect to http? Or am I way off course here? Are there other ways to do this?