I think you could use a standard (TCP) VIP with a 0.0.0.0/0.0.0.0 or specific host destination. But you'd need an SSL cert/key for each hostname that the client makes a request to, which the client browser accepts as valid. Do you have such a cert? If not, the client would get a mismatched or unchained cert warning from the browser. If you do have such a cert, then with a 0.0.0.0/0.0.0.0 VIP, you could select the client SSL profile based on the destination IP address using an iRule. Or if you do configure a specific VIP for each destination host, you could create a client SSL profile for each cert/key you want to use to decrypt the traffic with.
Aaron