Identify and cleanse expired and soon to expire certs from BIG-IP

Naumin, it seems based on your request that you have a large number of virtual servers that have a client-ssl profile attached to them that points to an expired SSL certificate. This seems highly unexpected as clients accessing the virtual servers would see problems because of the expired certificates. Do you have a large number of virtual servers in this state? I'd think resolving them manually by altering the virtual server to point to a client ssl profile that has a valid (unexpired) cert would be an urgent configuration change you should make.

It certainly is possible to enhance the script to do what you are requesting, but I wouldn't expect many F5 users to have active virtual servers that have an expired certificate attached (via a client-ssl profile).