Forum Discussion
Santavi_241428
Nimbostratus
NimbostratusChecking SHA1 cert on BIG IP LTM Ver 10.2
Hi team,
I need to know which are the certs are in LTM (version 10.2 ) has sha1 installed in it..I am not getting help form my web service team to validate each and every virtual server tested. ...
Hi!
What Kevin is suggesting in that thread is to create a bash script with the following content:
!/bin/bash
for c in `ls --format single-column /config/filestore/files_d/Common_d/certificate_d/`;
do
arr=($(openssl x509 -noout -text -in /config/filestore/files_d/Common_d/certificate_d/${c} |grep -E "sha1"))
if [ -n "${arr[2]}" ]
then
echo ${c}
fi
done
`
Judging by the date of the thread I'd guess the person is running v11 and the script is most likely not entirely valid for you as the certificate folder was /config/ssl.crt in v10.
I don't have a v10 machine to test this myself but this should work:
`!/bin/bash
for c in `ls --format single-column /config/ssl/ssl.crt/`;
do
arr=($(openssl x509 -noout -text -in /config/ssl/ssl.crt${c} |grep -E "sha1"))
if [ -n "${arr[2]}" ]
then
echo ${c}
fi
done
To use it:
- Logon to the F5 advanced shell (ssh)
- Enter
nano - Paste the content of the script above
- Exit by issuing
, enter a file name and theCTRL+XEnter key - Run the script by issuing
bash [filename]
Good luck!
/Patrik
Edit: Corrected the path of the ssl certificate directory (hope it's right this time)
