Quick and dirty shell script to find unused certificates
Problem this snippet solves: This has been edited quite a bit since I first posted so it's probably not as quick and dirty as it was before. This is in response to a question regarding removing unused...
Published May 16, 2019
Version 1.0
Lee_Sutcliffe
Nacreous
Joined September 14, 2009
Jason_Adams
May 16, 2019
Employee
About the non-default partitions, you could use the following:
#!/bin/sh
# List installed certificate names, dropping blank lines
tmsh list sys file ssl-cert | awk '/crt/ {print $4}' | sed '/^[[:space:]]*$/d' > /var/tmp/installedCerts.tmp
while IFS= read -r cert; do
    # Search every partition's bigip.conf; -F matches the name literally, not as a regex
    isUsed=$(find /config/ -xdev -type f -name bigip.conf -exec grep -F -- "$cert" {} +)
    if [ -z "$isUsed" ]; then
        echo "$cert is not used"
    fi
done < /var/tmp/installedCerts.tmp
rm /var/tmp/installedCerts.tmp