SSL Certificate Report assistance

Question

I have task to collect the active certificate details which have called in SSL Profiles(Client &amp; Server) around 140 LTM's inclusive of Active and stand-By&nbsp;
We dont have BIG-IQ in place so need a assistance to gather all information to report the active certificates and unused certificates from LTM.&nbsp;
I have tried with some CLI commands which gives me detail information and will involves more manual effort to gather in a EXCEL.&nbsp;
Some one please share the script or method to capture my requirements.&nbsp;

arpydays · Answer

This might get you started, it checks for any clientssl or serverssl profiles in all VSs then dumps any certs names from those profiles. Once you have the output you can sort and remove duplicates. Haven't used it anger so test it out first, v11+
!/bin/bash

for d in `tmsh -q -c  "cd /;show ltm virtual recursive profiles" | grep '^  | Ltm::$ClientSSL\|ServerSSL$' | awk '{print $4}'`
    do
      
      tmshout=$(tmsh -q -c "cd /; list ltm profile client-ssl $d" 2&gt;/dev/null | egrep -i '^ {4}(cert|chain) ' |awk '!/none/ {print $2}')
      [[ "$tmshout" ]] || {
        tmshout=$(tmsh -q -c "cd /; list ltm profile server-ssl $d" 2&gt;/dev/null | egrep -i '^ {4}(cert|chain) ' |awk '!/none/ {print $2}')
        }
      [[ -z "$tmshout" ]] || echo "$tmshout"

done

bash ./activecerts.sh &gt; activecerts.txt
bash sort -u -o activecerts.txt activecerts_sorted.txt

Forum Discussion

SSL Certificate Report assistance

1 Reply

Recent Discussions

Client certificate Authentication - open multiple tabs

google autenticator broken barcode

Chrome V 124+ on MacOS - Virtual Server Access Issue

vulnerabilities (CVE-2020-36363), CVE-2016-0736,CVE-2019-6593-FOR VERSION BIGIP LTM-16.1.4

Port Group on F5OS network setting

Related Content

Re: BigIP Report

SSL Certificate Report

BigIP Report Old

Re: Welcome to the F5 BIG-IP Migration Assistant

Re: Management Certificate