Make a copy of all existing clientssl profiles requiring TLS1.2
Problem this snippet solves:
This will let you make a copy of all existing clientssl profiles (old one will be the parent of the new one) requiring TLS1.2.
How to use this snippet:
First, it gets a list of all of your client ssl profiles which are assigned to virtual servers (NOTE, This assumes that your tcp profiles have the text "tcp" in their name and that your clientssl profiles DO NOT have "tcp" in the name).
Second, it makes a new clientssl profile with the old one as the parent. The only change will be ciphers. The new one will be called oldprofile-tls12. You can call them whatever you want.
Code :
tmsh list ltm virtual all |grep clientside -B 1|grep -v tcp|grep -v clientside|sed 's/{//g'|grep -v "\-\-"|sort|uniq|awk '{print $1}' > clientssl.txt for i in `cat clientssl.txt` do tmsh create ltm profile client-ssl $i-tls12 defaults-from $i ciphers 'TLSv1_2:!DES-CBC-SHA:!DH:!ADH:!EDH:!EXPORT:!RC4-SHA:!RC4-MD5:!DES-CBC3-SHA:!ECDHE-RSA-DES-CBC3-SHA' sleep 1 done
Tested this on version:
11.5Published May 03, 2018
Version 1.0patonbike_25784
Nimbostratus
Joined May 05, 2019
patonbike_25784
Nimbostratus
Joined May 05, 2019
No CommentsBe the first to comment