Jazz
Aug 10, 2022 | Nimbostratus
SSL-Cert
How to verify whether an SSL cert is being used or not through a CLI command?
Hi Jazz,
Can you try the commands below to list the unused ssl certificates in the client-ssl profile?
cd /var/tmp
tmsh list ltm profile client-ssl | grep -E " cert| chain" | awk '{print $2}' | sort -u > a.txt
tmsh list sys file ssl-cert | grep ssl-cert | awk '{print $4}' | sort -u > b.txt
diff a.txt b.txt | grep ">" | awk '{print $2}'
When trying to execute the command, it gives the following error message. Your further help is required.
Syntax Error: "awk", grep is currently the only filter that is supported
Hi Jazz,
If you execute the commands in tmos, you will get this error. Can you run it in bash?
Yes. Thanks, the command is executed in bash mode. But it only provides the client & server cert details. What if we require the overall active cert summary of the box, like SAML and others, etc.? Can you please guide me in this respect as well?
tmsh list ltm profile client-ssl | grep -E "cert | chain" | awk '{print $2}' | sort -u > a.txt
tmsh list ltm profile server-ssl | grep -E "cert | chain" | awk '{print $2}' | sort -u > a.txt
The second one is not working and gives an error message
tmsh list sys file ssl-cert | grep ssl-cert | awk '{print $4}' | sortexit -u > b.txt diff a.txt b.txt | grep ">" | awk '{print $2}'
Hi Jazz,
cd /var/tmp
# Certificates bound to LTM SSL profiles (">" so a re-run starts from an empty list)
tmsh list ltm profile | grep -E " cert| chain" | awk '{print $2}' | sort -u > templist.txt
# Certificates bound to APM objects
tmsh list apm | grep -E "sp-certificate|sp-decryption-cert|idp-certificate" | awk '{print $2}' | sort -u >> templist.txt
# SSL certificates installed on the F5
tmsh list sys file ssl-cert | grep ssl-cert | awk '{print $4}' | sort -u > certlist.txt
sort -u templist.txt > bindedlist.txt
# Print certificates that are installed but not in the bound list
diff bindedlist.txt certlist.txt | grep ">" | awk '{print $2}'
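The comparison from the last reply, as an added example that is not part of the original thread: it matches the attribute name exactly (so `cert-key-chain {` and `cert none` lines are ignored) and uses `comm` on sorted lists instead of filtering `diff` output. The function names and the sample lines, which are shaped like tmsh output, are constructed; the attribute names are the ones grepped for above.

```shell
#!/bin/sh
# Added example: the sample data below is constructed, not output from a real BIG-IP.
export LC_ALL=C   # sort and comm must agree on collation order

# stdin: `tmsh list ltm profile` / `tmsh list apm` output -> referenced cert names
referenced_certs() {
    awk '$1 ~ /^(cert|chain|sp-certificate|sp-decryption-cert|idp-certificate)$/ &&
         $2 != "none" {print $2}' | sort -u
}

# stdin: `tmsh list sys file ssl-cert` output -> installed cert object names
installed_certs() {
    awk '$1 == "sys" && $2 == "file" && $3 == "ssl-cert" {print $4}' | sort -u
}

# $1: file with config output, $2: file with ssl-cert listing -> unused cert names
unused_certs() {
    ref=$(mktemp); inst=$(mktemp)
    referenced_certs < "$1" > "$ref"
    installed_certs  < "$2" > "$inst"
    comm -13 "$ref" "$inst"      # lines that appear only in the installed list
    rm -f "$ref" "$inst"
}

sample_config() { cat <<'EOF'
ltm profile client-ssl app1_clientssl {
    cert-key-chain {
        app1 {
            cert app1.example.crt
            chain ca-bundle.crt
            key app1.example.key
        }
    }
}
ltm profile server-ssl app1_serverssl {
    cert none
    chain none
}
apm sso saml-sp-connector sp1 {
    sp-certificate saml-sp.example.crt
}
EOF
}

sample_installed() { cat <<'EOF'
sys file ssl-cert app1.example.crt {
sys file ssl-cert ca-bundle.crt {
sys file ssl-cert old-2019.example.crt {
sys file ssl-cert saml-sp.example.crt {
EOF
}

demo() {
    d=$(mktemp -d)
    sample_config > "$d/config.txt"; sample_installed > "$d/certs.txt"
    unused_certs "$d/config.txt" "$d/certs.txt"
    rm -rf "$d"
}
demo   # prints: old-2019.example.crt
```

On the device, the two input files would come from the same `tmsh list` commands used in the reply, run from bash. A certificate is reported as unused only with respect to the object types listed in the pattern.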