Cisco/Admin(config)# parameter-map type ssl DENY_SSL                     
Cisco/Admin(config-parammap-ssl)# cipher RSA_WITH_3DES_EDE_CBC_SHA   
Cisco/Admin(config-parammap-ssl)# version TLS1

Cisco/Admin(config)# probe https CiscoPortalNew
Cisco/Admin(config-probe-https)# ssl cipher RSA_WITH_3DES_EDE_CBC_SHA   
Cisco/Admin(config-probe-https)# port 443
Cisco/Admin(config-probe-https)# ssl version TLSv1

Cisco/Admin(config)# ssl-proxy service DISABLE_SSL 
Cisco/Admin(config-ssl-proxy)# ssl advanced-options DENY_SSL
Cisco/Admin(config-ssl-proxy)# key  <key>                            //which key shoukd be used here
Cisco/Admin(config-ssl-proxy)# cert <cert>			    //which cert shoukd be used here


Cisco/Admin(config)# class-map match-all BLOCK_SSL
Cisco/Admin(config-cmap)# description SSL Termination VIP
Cisco/Admin(config-cmap)# 2 match virtual-address 10.76.93.15 tcp eq https 



Cisco/Admin(config)# policy-map multi-match TLS
Cisco/Admin(config-pmap)# class BLOCK_SSL 
Cisco/Admin(config-pmap-c)# loadbalance vip inservice 
Cisco/Admin(config-pmap-c)# loadbalance vip icmp-reply
Cisco/Admin(config-pmap-c)# ssl-proxy server DISABLE_SSL 


service-policy input TLS             //should this be applied under any particular interface. Currently applied globally.