How to list all SAN entries by cert file and/or count them

Question

We need to search for a cert file that we were told had these attributes - somename (obivoulsy not the real name, but it was wrong), a specific expiration date (there weren't ANY certs expiring that day), and quite specifically 98 SAN DNS entries. So, it's two strikes - anyone think they can get us on base, either by listing or - preferably - counting, so we do a search across the F5 fleet?

As an aside, I usually see F5 use 'F5 estate' but I think 'F5 fleet' is cooler.

iaine · Answer

Hi &nbsp;One way you could do this from BASH is to run something like this from the Cert directory (/config/filestore/files_d/Common_d/certificate_d) to output the info&nbsp;for f in *; do echo ${f}; openssl x509 -in ${f} -noout -text | awk '/DNS:/' | tr -d ' ' | sed 's/,/
/g' | wc -l; done;&nbsp;This will iterate through all of the files in the directory and will output the name of the file and the number of SAN entries like this&nbsp;:Common:f5-ca-bundle.crt_28992_10:Common:f5-ca-bundle.crt_29282_10:Common:f5-irule.crt_28990_10:Common:f5-irule.crt_29280_10:Common:www.iainweb.local_62930_14&nbsp;

jwlarger · Answer

Outstanding! Thanks again.

Forum Discussion

How to list all SAN entries by cert file and/or count them

Recent Discussions

How to implement LTM forward proxy client to determine the diversion pool based on the domain name

irule to enable http/2 acceleration

VS FORWARDING & ROUTE

Statistics ›› Analytics : HTTP : Overview

SNI Sites not taking correct certificate.

Related Content

The table Command: Counting

Code comparison between deploying AS3 or FAST API Declarations with Ansible and Terraform

OpenSSL CVE-2022-3786 and CVE-2022-3602 or "The Critical that wasn't"

APM sesions count per partition

iRule operator evaluation order OR/AND

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS