Forum Discussion

Sukumar_121924's avatar
Sukumar_121924
Icon for Nimbostratus rankNimbostratus
Mar 19, 2015

SSL Certificate and Licenses

Hi All ,

 

How to get the data from the each loadbalancer .How SSL licenses, certificate are in use .

 

I need to prepare a data for all the load balancers.

 

Thanks,

 

7 Replies

  • How to get the data from the each loadbalancer .How SSL licenses, certificate are in use .

     

    Can you elaborate what data are you referring to? If you mean how to access license and certificate information on BIG-IP, you may want to check if iControl is right for you.

     

  • Requirement is not clear. Do you want to count number of SSL profile in F5, if yes

     

    --> Go to Profile--> SSL profile --> Client SSL/server SSL(Count it) or -->through CLI go to cd /config/bigip.conf grep -c clientssl bigip.conf grep -c clientssl bigip.conf

     

    • Sukumar_121924's avatar
      Sukumar_121924
      Icon for Nimbostratus rankNimbostratus
      Hi , The CLI commands is not working . I have devices with both ver 9.x and 11.x Actually, I am looking to find the unused SSL profile and SSL certificate. I know finding from GUI mode will not be a good solution as it will take time to check each VIP . And there are hundreds of VIP , it will take lot of time . Hence please help me get the details from CLI mode .
  • I am looking to find the unused SSL profile and SSL certificate.

    is list and grep useful?

    e.g.

    [root@ve11b:Active:In Sync] config  tmsh list sys file ssl-cert |grep file |cut -d' ' -f4
    ca-bundle.crt
    chain.crt
    default.crt
    f5-irule.crt
    
    [root@ve11b:Active:In Sync] config  tmsh list ltm profile client-ssl all |grep "cert "
        cert default.crt
                cert default.crt
        cert default.crt
                cert default.crt
                cert default.crt
                cert default.crt
        cert default.crt
                cert default.crt
    
    • Sukumar_121924's avatar
      Sukumar_121924
      Icon for Nimbostratus rankNimbostratus
      Thanks . Can please share command syntax for version 9.x and 10.x also.
  • I am looking to find the unused SSL profile and SSL certificate.

    is list and grep useful?

    e.g.

    [root@ve11b:Active:In Sync] config  tmsh list sys file ssl-cert |grep file |cut -d' ' -f4
    ca-bundle.crt
    chain.crt
    default.crt
    f5-irule.crt
    
    [root@ve11b:Active:In Sync] config  tmsh list ltm profile client-ssl all |grep "cert "
        cert default.crt
                cert default.crt
        cert default.crt
                cert default.crt
                cert default.crt
                cert default.crt
        cert default.crt
                cert default.crt