Forum Discussion

Nimbostratus

Aug 15, 2019

Solved

TMSH/Bash command to check which SAML: BIG-IP as IdP profile is using a specific SSL certificate

I have multiple IdP profiles using the same SSL certificate. Is there a command I can run to list the IdP profiles associated to specific certificate. This would be similar to running 'tmsh li...

Aug 16, 2019

Would the following work for you:

tmsh -q -c "cd /; list /apm sso saml recursive" | grep -E '(idp-certificate|saml-profiles)'

Cumulonimbus

Aug 15, 2019

tmsh -q -c "cd /; list /apm sso saml idp-certificate | grep cert

Or something like this.

[Edited]

DustinW
Nimbostratus
Aug 15, 2019
Thanks for above but this does't seem to do what I require..
The above shows which LTM SSL profile the certificate is bound to but doesn't specify the APM Access Policy ›› SAML : BIG-IP as IdP profile/s related to the certificate name.
Anymore ideas?
- JG
  Cumulonimbus
  Aug 15, 2019
  Edited answer above.
DustinW
Nimbostratus
Aug 15, 2019
Thanks for prompt reply... I'm probably doing something wrong but the above is not giving me any results even though I know there are IdP profiles associated to the certificate.
In your above command I'm guessing I exchange 'cert' for the certificate name I'm querying but when I hit enter it just prompts to a new line '>'
Even if I switch 'idp-certificate' with the certificate name I receive the same result; new line '>' like it's waiting for input?
Trying to fit my query into your command I'd be trying to: list the apm sso saml idp-profiles that contain 'specific certificate name' as the 'Signing Certificate' located in the 'IdP Service' 'Security Settings'.
I hope I'm explaining this correctly. Sorry for any confusion.