Hi Bill,
Can you provide more detail on what you're trying to accomplish?
You say that you have multiple apps running on the same server and only want to encrypt traffic to some of the apps. Do you mean you want to encrypt some of the traffic between the client and the virtual server (client SSL), or traffic from the BIG-IP to the web server (server SSL)?
If you want to use client SSL, it would be simplest to create a separate virtual server per application and use a client SSL profile per virtual server you want encryption for. You shouldn't need a rule for this.
If you want to use server SSL, you could also create separate virtual servers and corresponding server SSL profiles. If, on the same virtual server, you need to have some traffic to the web servers encrypted but others not, you could use a rule. The general idea for selective server SSL encryption on a single VIP to the pool(s) is to configure a server SSL profile on the virtual server and then disable it for requests you don't want encrypted.
Here is an example from citizen_elah: (
Click here)
Aaron