Forum Discussion

siuwwong5's avatar
siuwwong5
Icon for Altostratus rankAltostratus
Jun 30, 2022

Bigip restful API remove all the existing client ssl profiles in a virtualserver.

Would like to know how we can remove all the existing client ssl profiles in a virtualserver via restful API

  • Hi siuwwong5, you'll need to do a couple things. First, if you don't know the names of your clientssl profiles, or at least a part of the naming nomenclature that identifies them as client-ssl profiles, you'll need to check that the profiles currently applied are actually client-ssl profiles. I did this for a project in python but only address one profile:

     

    def get_cssl_profile(bigip, vip_name):
        vip_profiles = bigip.load(f'/mgmt/tm/ltm/virtual/{vip_name}/profiles')
        cssl_profile = ''
        for profile in vip_profiles:
            if bigip.exist(f'/mgmt/tm/ltm/profile/client-ssl/{profile.properties.get("name")}'):
                cssl_profile = profile.properties.get('name')
        if cssl_profile != '':
            print(f'\tVirtual {vip_name} has associated client-ssl profile {cssl_profile}...continuing.')
            return cssl_profile
        else:
            sys.exit(f'\tVirtual {vip_name} has no associated client-ssl profile...exiting.')

     

    if you have more than one, you'd want to create a list, and then iterate over that list to remove them, but that should give you an idea of what you need to do. Then, once you know, adding/removing is pretty simple:

     

    To add:
    POST json payload of {"name": "(cssl-profile-name)"} to /mgmt/tm/ltm/virtual/(virtual-name)/profiles/
    
    To remove:
    DELETE to /mgmt/tm/ltm/virtual/(virtual-name)/profiles/(css-profile-name)

     

  • Hi siuwwong5, you'll need to do a couple things. First, if you don't know the names of your clientssl profiles, or at least a part of the naming nomenclature that identifies them as client-ssl profiles, you'll need to check that the profiles currently applied are actually client-ssl profiles. I did this for a project in python but only address one profile:

     

    def get_cssl_profile(bigip, vip_name):
        vip_profiles = bigip.load(f'/mgmt/tm/ltm/virtual/{vip_name}/profiles')
        cssl_profile = ''
        for profile in vip_profiles:
            if bigip.exist(f'/mgmt/tm/ltm/profile/client-ssl/{profile.properties.get("name")}'):
                cssl_profile = profile.properties.get('name')
        if cssl_profile != '':
            print(f'\tVirtual {vip_name} has associated client-ssl profile {cssl_profile}...continuing.')
            return cssl_profile
        else:
            sys.exit(f'\tVirtual {vip_name} has no associated client-ssl profile...exiting.')

     

    if you have more than one, you'd want to create a list, and then iterate over that list to remove them, but that should give you an idea of what you need to do. Then, once you know, adding/removing is pretty simple:

     

    To add:
    POST json payload of {"name": "(cssl-profile-name)"} to /mgmt/tm/ltm/virtual/(virtual-name)/profiles/
    
    To remove:
    DELETE to /mgmt/tm/ltm/virtual/(virtual-name)/profiles/(css-profile-name)

     

  • would like to clean up all the existing client ssl profiles in a virtualserver, and then add a new one.