Forum Discussion
Grayson_149410
Nimbostratus
NimbostratusList of client ssl profiles certificate chain
I am fairly new to the world of LTM. We currently in the process of cleaning up our SSL certificates. We are running into an issues where many client ssl profiles are using an incorrect Certificate Chain.
I was wondering if there was an command (tmsh/bash?) to pull all SSL Client Profiles that contain a certain certificate chain. If not, just an entire list would be ok and I could just export the entire list (as long as it contains what chain it is using) and find the chains in question myself. Thanks.
From tmsh, you can run 'list ltm profile client-ssl' and it'll print out each client SSL profile. You should be able to identify which profiles contain the offending chain from there.
Cory_50405Noctilucent
From tmsh, you can run 'list ltm profile client-ssl' and it'll print out each client SSL profile. You should be able to identify which profiles contain the offending chain from there.
- Cory_50405To expand on this answer and make filtering easier, use the one-line modifier and grep on the chain name: list ltm profile client-ssl one-line | grep chain
Grayson_149410Awesome that was exactly what I was looking for. What is the best way to output this to a file so I can FTP in and pick it up?- Cory_50405This will output it to a file in /var/tmp, but run this from bash: tmsh list ltm profile client-ssl one-line | grep chain > /var/tmp/clientssl.txt