SSL Certificate Report assistance

Question

I have task to collect the active certificate details which have called in SSL Profiles(Client &amp; Server) around 140 LTM's inclusive of Active and stand-By&nbsp;
We dont have BIG-IQ in place so need a assistance to gather all information to report the active certificates and unused certificates from LTM.&nbsp;
I have tried with some CLI commands which gives me detail information and will involves more manual effort to gather in a EXCEL.&nbsp;
Some one please share the script or method to capture my requirements.&nbsp;

arpydays · Answer

This might get you started, it checks for any clientssl or serverssl profiles in all VSs then dumps any certs names from those profiles. Once you have the output you can sort and remove duplicates. Haven't used it anger so test it out first, v11+
!/bin/bash

for d in `tmsh -q -c  "cd /;show ltm virtual recursive profiles" | grep '^  | Ltm::$ClientSSL\|ServerSSL$' | awk '{print $4}'`
    do
      
      tmshout=$(tmsh -q -c "cd /; list ltm profile client-ssl $d" 2&gt;/dev/null | egrep -i '^ {4}(cert|chain) ' |awk '!/none/ {print $2}')
      [[ "$tmshout" ]] || {
        tmshout=$(tmsh -q -c "cd /; list ltm profile server-ssl $d" 2&gt;/dev/null | egrep -i '^ {4}(cert|chain) ' |awk '!/none/ {print $2}')
        }
      [[ -z "$tmshout" ]] || echo "$tmshout"

done

bash ./activecerts.sh &gt; activecerts.txt
bash sort -u -o activecerts.txt activecerts_sorted.txt

Forum Discussion

SSL Certificate Report assistance

Recent Discussions

How to Renew F5 Device Certificate

BIG IP LTM - Multiple application on single VIP with multiple ports allowed.

How to export a list of paired external service providers from APM?

Service discovery is not happening in AS3

Statistics ›› Analytics : HTTP : Overview

Related Content

Re: BigIP Report

SSL Certificate Report

BigIP Report Old

F5 NGINX Plus R33 Licensing and Usage Reporting

Automating ACMEv2 Certificate Management on BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS