How to list all SAN entries by cert file and/or count them

Question

We need to search for a cert file that we were told had these attributes - somename (obivoulsy not the real name, but it was wrong), a specific expiration date (there weren't ANY certs expiring that day), and quite specifically 98 SAN DNS entries. So, it's two strikes - anyone think they can get us on base, either by listing or - preferably - counting, so we do a search across the F5 fleet?

As an aside, I usually see F5 use 'F5 estate' but I think 'F5 fleet' is cooler.

iaine · Answer

Hi &nbsp;One way you could do this from BASH is to run something like this from the Cert directory (/config/filestore/files_d/Common_d/certificate_d) to output the info&nbsp;for f in *; do echo ${f}; openssl x509 -in ${f} -noout -text | awk '/DNS:/' | tr -d ' ' | sed 's/,/
/g' | wc -l; done;&nbsp;This will iterate through all of the files in the directory and will output the name of the file and the number of SAN entries like this&nbsp;:Common:f5-ca-bundle.crt_28992_10:Common:f5-ca-bundle.crt_29282_10:Common:f5-irule.crt_28990_10:Common:f5-irule.crt_29280_10:Common:www.iainweb.local_62930_14&nbsp;

jwlarger · Answer

Outstanding! Thanks again.

Forum Discussion

How to list all SAN entries by cert file and/or count them

2 Replies

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How can I get started with iCall

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Related Content

The table Command: Counting

Code comparison between deploying AS3 or FAST API Declarations with Ansible and Terraform

OpenSSL CVE-2022-3786 and CVE-2022-3602 or "The Critical that wasn't"

APM sesions count per partition

How to Contribute an Article or a Codeshare Entry

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS