Forum Discussion

Lazar_92526's avatar
Lazar_92526
Icon for Nimbostratus rankNimbostratus
Mar 20, 2013

Query SSL virtuals servers for SSL Profiles

Does anyone know if there is a way to perform a query on all of the SSL virtual servers to determine if they have an SSL Profile (Client,Server or both). I'm trying to determine which servers have SSL Pass-through, Offloading or Re-encrytion enabled without having to go through each configuration manually

 

config
design

4 Replies

Sort By
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Mar 21, 2013
    what version are you running? if 10.x, is this helpful?

     

     

    shortest command for SSLprofile

     

    https://devcentral.f5.com/community/group/aft/2166265/asg/68
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Mar 21, 2013
    not sure if this is useful. 

    [root@ve11a:Active:Changes Pending] config  tmsh show ltm virtual all profiles|grep -i ltm
Ltm::Virtual Server: bar
  | Ltm::HTTP Profile: http
  | Ltm::ClientSSL Profile: myclientssl
  | Ltm::ServerSSL Profile: serverssl
  | Ltm::TCP Profile: tcp
Ltm::Virtual Server: fwd
  | Ltm::FastL4 Profile: fastL4
  • Kevin_Stewart's avatar
    Kevin_Stewart
    Icon for Employee rankEmployee
    Mar 21, 2013
    When all else fails, write a script: 

    
! /bin/bash

output=$(tmsh list ltm virtual |grep "ltm virtual" | awk -F" " '{ print $3 }')

for LINE in ${output}; do
   clientssl=$(tmsh show ltm virtual ${LINE} profiles |grep ClientSSL |awk -F" " '{ print $4 }')
   serverssl=$(tmsh show ltm virtual ${LINE} profiles |grep ServerSSL |awk -F" " '{ print $4 }')

   if [ -n "$clientssl" -o -n "$serverssl" ]; then
      echo "${LINE}:"
      if [ -n "${clientssl}" ]; then
         echo "     ClientSSL profile: $clientssl"
      fi
      if [ -n "${serverssl}" ]; then
         echo "     ServerSSL profile: $serverssl"
      fi
      echo ""
   fi
done