Forum Discussion

saidshow_251381's avatar
saidshow_251381
Icon for Cirrostratus rankCirrostratus
Apr 26, 2016

Finding what Certificates are used by what SSL Profiles

Hi,

 

I have a couple new certificates that will replace existing certificates on the F5. The new certificates will need to have new names and as a result the SSL profiles that use the old certificates will need to be updated.

 

My question is, how can I identify what certificates are used by what SSL profiles? The production F5 is managed by a third party so I only have GUI access, no terminal. Thank you in advance.

 

certificate
certificates
gui
LTM
security
ssl
ssl profile
  • shopkeeper56_23's avatar
    shopkeeper56_23
    Apr 27, 2016

    Easiest way to show what certs are attached to what profile would be the following.

    tmsh list ltm profile client-ssl cert
tmsh list ltm profile server-ssl cert

    This will imply list all the SSL Profiles and the individual certs attached to them.

  • JG's avatar
    JG
    Icon for Cumulonimbus rankCumulonimbus
    Apr 27, 2016

    Here's a quick solution if you are on a Linux box:

    curl -k -u admin:adminpass -X GET 'https://[f5.mgmt.ip.addr]/mgmt/tm/ltm/profile/clientSsl' | /usr/bin/jq '.items[] | { selfLink, certKeyChain }'

    and the name of the SSL profile is identified in attribute "selfLink" in the output.

    You can download "jg", which is optional and is here to weed out information irrelevant to your need, from 

    https://stedolan.github.io/jq/download/
    .

  • shopkeeper56_23's avatar
    shopkeeper56_23
    Icon for Cirrostratus rankCirrostratus
    Apr 27, 2016

    Easiest way to show what certs are attached to what profile would be the following.

    tmsh list ltm profile client-ssl cert
tmsh list ltm profile server-ssl cert

    This will imply list all the SSL Profiles and the individual certs attached to them.