Forum Discussion

Santavi_241428's avatar
Santavi_241428
Icon for Nimbostratus rankNimbostratus
Feb 25, 2016

Single ssl profile can be used for multiple vips?Also any command to see which ssl profile assigned to which vip

HI,

 

I have 2 questions here..Is there any way possible to assign the same ssl profile on multiple vips? secondly is there a way to chcek which ssl profile is associated with which virtual server in a single command or from GUI...I am searching for each ssl profile every virtual server on which it is associated and it is taking my time a lot...

 

Thanks in advance for u r help on this

 

application delivery
BIG-IP
LTM

3 Replies

Sort By
  • pete_71470's avatar
    pete_71470
    Icon for Cirrostratus rankCirrostratus
    Feb 25, 2016

    You can indeed have many virtuals referencing the same certificate. The profiles that are shared to many different virtuals must either be in partition /Common or in the partition holding the virtuals (except for iRules, objects in one partition can't be referenced in a different partition -- but /Common objects are visible to all).

     

    I use this command to hunt down profile usage:

     

    ` tmsh cd /; list ltm profile PROFILE-TYPE one-line recursive | grep DESIRED-PROFILE

     

    You then trundle through the output with a script, editor, etc. Replace PROFILE-TYPE with client-ssl, http, etc.

     

    • Santavi_241428's avatar
      Santavi_241428
      Icon for Nimbostratus rankNimbostratus
      Mar 05, 2016
      HI pete,many thanks for your reply.. Itried this but got following..tmsh cd /; list ltm profile PROFILE-TY PE one-line recursive | grep SSLPROFILENAME Syntax Error: unexpected argument "cd" bash: list: command not found AM I MISSING SOMETHING?
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Mar 05, 2016

    tmsh cd /; list ltm profile PROFILE-TYPE one-line recursive | grep DESIRED-PROFILE

    shouldn't we list virtual rather than profile?

    e.g. 

    [root@ve11c:Active:In Sync] config  tmsh -c "cd /; list ltm virtual one-line recursive" |grep -i fastl4
ltm virtual Common/fwd { destination Common/0.0.0.0:0 ip-forward mask any profiles { Common/fastL4 { } } source 0.0.0.0/0 source-address-translation { type automap } translate-address disabled translate-port disabled vlans { Common/v423 } vlans-enabled vs-index 7 }