Forum Discussion

Cirrus

Jun 29, 2016

SSL cert alias

We are in the process of generating new SSL certs with a new domain- I wanted to know how to retrieve the alias that are associated with the SSL certs.

BIG-IP

LTM

security

Hannes_Rapp_162
Jun 29, 2016
Which one are you looking for - the second common name (SAN), or alias of the certificate? To see the Subject Alternative Name(s) (SAN), you can use openssl and grep for DNS. Alternatively, just import the certificate to BigIP and open the certificate object in GUI
(System > File Management > SSL Certificate List)

OpenSSL

Cert SAN:
openssl x509 -noout -text -in /path-to-cert-file.pem | grep DNS
Cert Alias:
openssl x509 -noout -alias -in /path-to-cert-file.pem

Hannes_Rapp_162
Nacreous
Jun 29, 2016
Which one are you looking for - the second common name (SAN), or alias of the certificate? To see the Subject Alternative Name(s) (SAN), you can use openssl and grep for DNS. Alternatively, just import the certificate to BigIP and open the certificate object in GUI
(System > File Management > SSL Certificate List)

OpenSSL

Cert SAN:
openssl x509 -noout -text -in /path-to-cert-file.pem | grep DNS
Cert Alias:
openssl x509 -noout -alias -in /path-to-cert-file.pem
- newbief5_162606
  Cirrus
  Jun 29, 2016
  I am looking for the alias. I tried the openSSL command below but it doesn't seem to work.
Hannes_Rapp
Nimbostratus
Jun 29, 2016
Which one are you looking for - the second common name (SAN), or alias of the certificate? To see the Subject Alternative Name(s) (SAN), you can use openssl and grep for DNS. Alternatively, just import the certificate to BigIP and open the certificate object in GUI
(System > File Management > SSL Certificate List)

OpenSSL

Cert SAN:
openssl x509 -noout -text -in /path-to-cert-file.pem | grep DNS
Cert Alias:
openssl x509 -noout -alias -in /path-to-cert-file.pem
- newbief5_162606
  Cirrus
  Jun 29, 2016
  I am looking for the alias. I tried the openSSL command below but it doesn't seem to work.

newbief5_162606

Cirrus

Jun 29, 2016

Thanks! I was able to get it work using this syntax:

openssl x509 -in /config/filestore/ftextiles_d/Common_d/certificate_d/:Common:[www.test.com.crt_1](http://www.test.com.crt_1 -alias -noout

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

SSL cert alias

Recent Discussions

Reporting Help Needed

Switch ssl profile based on weak cipher detection via IRULE

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

full-proxy HTTP2

Related Content

SSL-Cert

SSL Cert expiration Tracker

iRule to accept client then SSL cert validation

Re: extract LTM VS ssl profile binding cert and key information to generate a json with python f5-sd

SSL cert

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS