Im using this command tmsh list sys file ssl-cert expiration-string to check the certification status on the BIG-IP 12.1.0
Is there a way by which we can reduce the output so that it only shows the certificates expiring in next month or for a defined period of time ?
You could use the GUI if the CLI outputs to much info.
System > File Management > SSL Certificate List. Then sort by Expiration date.
Im actually looking to do it from CLI,
From CLI i want to automate this command for every month and then automate a report which shows the certificates expiring next month.
You can use the "check-cert" command. It "examines the expiration date of each certificate stored on the BIG-IP system, including CA bundles. By default, the check-cert command checks for SSL certificates that have expired or will expire within 30 days."
Check this article:
So you can run the following command that gives you expired certificates PLUS certificate expiring in 30 days. If you want to limit it to certificate that will expire in 30 days you can use a simple grep. Like that :
tmsh run /sys crypto check-cert | grep "expire "
PLease give me a feedback