SSL certificates Expiration

Question

I run below SSL expiration certifiacate script on LTM with 11.x version 
! /bin/bash
set acceptable threshold in seconds (172800 seconds = 2 days)
threshold=185920000
get today's date
this_date=date +%s
set path to certificates
cert_path=/config/ssl/ssl.crt/
for f in $cert_path*.crt
do
    this_cert_date_literal=openssl x509 -in $f -noout -enddate |sed s/notAfter=//
    this_cert_date=date -d "$this_cert_date_literal" +%s
if [ $this_date -ge $(($this_cert_date - $threshold)) ]
then
    expires_when=$(((this_cert_date - $this_date) / 60 / 60 / 24))
    echo "$f is about to expire in $expires_when days"

additional processing for expiring certs goes here 
fi

done
But get no output as such.Please suggest.

mimlo_61970 · Answer

The certs were moved in version 11, they are no longer in /config/ssl/ssl.crt.&nbsp;
I believe they are now in now in /config/filestore, but a better way is probably to use tmsh to do this&nbsp;
http://support.f5.com/kb/en-us/solutions/public/14000/300/sol14318.html&nbsp;

kevin_stewart · Answer

Assuming you're referring to this post:&nbsp;
https://devcentral.f5.com/questions/how-to-alert-before-ssl-certificate-expire&nbsp;
Use the first script posted. The second example (what you have above) is for 10.x.&nbsp;

Forum Discussion

SSL certificates Expiration

Recent Discussions

Which process is consuming higher CPU

F5 Health Monitor Receive String as JSON

Background Tasks

SSL bridging without SSL proxy forward

Big-IP VE edition for MacBook M4 Chip

Related Content

LTM Certificate expire

Expired ssl warning

SSL Cert expiration Tracker

CheckMk F5 Certificate Expiration using SNMP

SSL Certificate Report

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS