Finding what Certificates are used by what SSL Profiles

Question

Hi,&nbsp;
I have a couple new certificates that will replace existing certificates on the F5. The new certificates will need to have new names and as a result the SSL profiles that use the old certificates will need to be updated.&nbsp;
My question is, how can I identify what certificates are used by what SSL profiles? The production F5 is managed by a third party so I only have GUI access, no terminal. Thank you in advance.&nbsp;

shopkeeper56_23 · Accepted Answer

Easiest way to show what certs are attached to what profile would be the following.
tmsh list ltm profile client-ssl cert
tmsh list ltm profile server-ssl cert

This will imply list all the SSL Profiles and the individual certs attached to them.

jg · Answer

Here's a quick solution if you are on a Linux box:
curl -k -u admin:adminpass -X GET 'https://[f5.mgmt.ip.addr]/mgmt/tm/ltm/profile/clientSsl' | /usr/bin/jq '.items[] | { selfLink, certKeyChain }'
and the name of the SSL profile is identified in attribute "selfLink" in the output.
You can download "jg", which is optional and is here to weed out information irrelevant to your need, from https://stedolan.github.io/jq/download/ .

Forum Discussion

Finding what Certificates are used by what SSL Profiles

2 Replies

Recent Discussions

Issue on license renewal

Maximum throughput of f5 ltm

iRule cookie persistence and pool redirect

redirect not working

Access azure app service using f5 LTM

Related Content

Quick and dirty shell script to find unused certificates

Automating ACMEv2 Certificate Management on BIG-IP

Re: Management Certificate

SSL Profiles Part 2: Certificates

Automate Let's Encrypt Certificates on BIG-IP