Quick and dirty shell script to find unused certificates
Published May 16, 2019
Version 1.0
About the non-default partitions, you could use the following:
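#!/bin/sh
# Write the names of all installed certificates to a temporary list, one per line.
tmsh list sys file ssl-cert | awk '/crt/ {print $4}' | sed '/^[[:space:]]*$/d' > /var/tmp/installedCerts.tmp
# Look for each name in every bigip.conf under /config (this includes non-default partitions).
while read -r cert; do
    # -F matches the name literally (a "." is not a wildcard); -- guards names starting with "-".
    isUsed=$(find /config/ -xdev -type f -name bigip.conf -exec grep -F -- "$cert" {} +)
    if [ -z "$isUsed" ]; then
        echo "$cert is not used"
    fi
done < /var/tmp/installedCerts.tmp
rm /var/tmp/installedCerts.tmp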