Forum Discussion
Julio_Navarro
Cirrostratus
Cirrostratusexport ltm monitor https password
hi,
i have two ltm systems
first ltm has a pool with a monitor (https) with a username and password
the second needs to have the same pool with the username and password from the first.
we don't have the password.
and both system are already with multiple different configuration objects (monitor, SSL), so I can't export the master-key.
So, is there a way to decrypt the password from username in ltm #1?
Thanks
- boneyard
MVP
not sure if still relevant but i would go for capturing the traffic at the server, decrypt it and from that gain the information you want.
you could perhaps even easier point the first LTM to the second and add a node with that monitor. then you can even easier see what happens.
jaikumar_f5Noctilucent
You dont have to export the master key. You just have to set the master key same in both the boxes to get this working. When you load an encrypted config into another box, it validates the passphrase configuration against the master key.
Follow these steps:
Login to your primary LTM where you have the monitor config.
tmsh show sys crypto master-key tmsh modify sys crypto master-key prompt-for-password enter password: mynewpassword password again: mynewpassword tmsh show sys crypto master-keyYou would notice the old hash and the new hash of your new password when you run show sys crypto command.
Login to your second LTM where you want the monitor to be loaded.
tmsh show sys crypto master-key tmsh modify sys crypto master-key prompt-for-password enter password: mynewpassword password again: mynewpassword tmsh show sys crypto master-keyNow that both the boxes have the same master-key, the config can be copied and loaded in the second ltm.
tmsh load sys config merge from-terminalThis should work. Thats how we handle the singletons or l7 boxes (standalone L7 LTM's)
