After doing some additional tinkering, you might want to ignore the SSL Profile and handle everything in an iRule (it is much easier to manage what is happening.
Here is a beginning example:
when HTTP_REQUEST {
log local0. "Beginning HTTP Request Event."
SSL::cert mode request
if { [SSL::cert count] == 0 } {
log local0. "SSL Certificate Count equals Zero. Redirecting."
HTTP::redirect "http://www.google.com"
}
}
You will still need to handle the processing for which SSL Certificates you will consider valid and how you want to validate them, but again, it seems much easier to work with that information in an iRule.
Hope this helps.