Forum Discussion
how to run the below bash file on f5
Hello,
I would like to extract a list of all virtual servers , profiles and certificates on my F5 ; I found the below script but I dont know how to run it on f5.Where should I place the cert-mapping file ? In which folder on f5 ?
- Log on to the BIG-IP command line.
Note: Command line access defaults to the bash shell.
- Using a text editor, create the cert-mapping file.
- Place the following bash script contents in the cert-mapping file:
#!/bin/bash
# Search /config and sub directories (partitions) for bigip.conf files
LIST=`find /config -name bigip.conf | xargs awk '$2 == "virtual" {print $3}' 2> /dev/null | sort -u`
echo "Virtual: Profile: Certificate: Ciphers:"
echo "__________________________________________________________"
for VAL in ${LIST}
do
PROF=`tmsh show /ltm virtual ${VAL} profiles 2> /dev/null | grep -B 1 " Ltm::ClientSSL Profile:" | cut -d: -f4 | grep -i "[a-z]" | sed s'/ //'g| sort -u`
test -n "${PROF}" 2>&- && {
VIRTS=`expr $VIRTS + 1`
for PCRT in ${PROF}
do
CERT=`tmsh list /ltm profile client-ssl ${PCRT} | awk '$1 == "cert" {print $2}' 2> /dev/null | sort -u`
test -n "${CERT}" 2>&- && {
CIPHERS=`tmsh list /ltm profile client-ssl ${PCRT} ciphers | grep ciphers | awk '{print $2}'`
echo "${VAL} ${PCRT} ${CERT} ${CIPHERS}"
}
done
}
done
echo "Virtual server count: ${VIRTS}"Note: To alter this script to search for server-ssl profile certificates, replace client-ssl with server-ssl and Ltm::ClientSSL Profile: with Ltm::ServerSSL Profile:.
- Close the text editor saving the file cert-mapping that contains the bash script.
- To execute the script type the following command:
bash ./cert-mapping
Thansk in advance.
Best Regards,
Notepad isn't your best option. Are you able to save the file locally with notepad++
Also, can you post a cat from the file?
Command on the cli is cat /temp/cert-mapping
Hi Ralph,
If you only need it to run once you can place it in /tmp/.
/shared/scripts would be a nice location of you are going to run it multiple times during the life of your BIG-IP.
Do not forget to make it executable. (chmod u+x cert-mapping)
Cheers,
Kees- ralph_ralfAltostratus
Thanks for your reply :
Ive created the notepad file and transfered it to /tmp folder using filezilla.Then Ive changed the file to be an executable as advised.However after running it I got an error.
Can you have a look on the below output and revert back.Thanks in advance
[root@f5-IB-2:Standby:In Sync] tmp # chmod u+x cert-mapping
[root@f5-IB-2:Standby:In Sync] tmp #
[root@f5-IB-2:Standby:In Sync] tmp #
[root@f5-IB-2:Standby:In Sync] tmp # ls -l
total 580
-r--r--r--. 1 root root 261660 2021-05-08 07:24 BigDB.dat.orig
-rwxr--r--. 1 root root 914 2023-07-15 22:54 cert-mapping
-r--r--r--. 1 root root 131 2022-08-20 22:57 dhclient.sh
drwxr-xr-x. 2 root root 1024 2023-07-15 06:38 epsec
-r--r--r--. 1 root root 206 2022-08-20 22:57 hosts_script
drwxr-xr-x. 2 root root 1024 2022-08-27 03:33 hsperfdata_root
drwxr-xr-x. 2 tomcat tomcat 1024 2022-08-20 22:58 hsperfdata_tomcat
-rw-r--r--. 1 root webusers 304730 2023-07-15 22:49 running-config
-rw-------. 1 apache apache 451 2023-07-15 15:08 sess_blttcb605qqnb26s65sg5v1jv2
-rw-------. 1 apache apache 451 2023-07-15 15:08 sess_ec2mp7g390lvpeg07hcth2ap02
-rw-------. 1 apache apache 451 2023-07-15 15:08 sess_n781lbebpi5ndb6ae7fa18m1q7
-r--r--r--. 1 root root 355 2022-08-20 22:57 sshd_login.sh
[root@f5-IB-2:Standby:In Sync] tmp #
[root@f5-IB-2:Standby:In Sync] tmp #
[root@f5-IB-2:Standby:In Sync] tmp # bash ./cert-mapping
Virtual: Profile: Certificate: Ciphers:
__________________________________________________________
'/cert-mapping: line 7: syntax error near unexpected token `do
'/cert-mapping: line 7: `do
[root@f5-IB-2:Standby:In Sync] tmp #Notepad isn't your best option. Are you able to save the file locally with notepad++
Also, can you post a cat from the file?
Command on the cli is cat /temp/cert-mapping
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com