Showing results for 
Search instead for 
Did you mean: 
Login & Join the DevCentral Connects Group to watch the Recorded LiveStream (May 12) on Basic iControl Security - show notes included.

Add/Remove ServerSSL profile on a Virtual Server using SDK




I am trying to add/remove ServerSSL profile to a Virtual Server using F5 SDK.


I have the following script that will read the current profiles from the Virtual Server but I don't get my head around how to use .update() to delete a "serverSSL" profile if exist


from f5.bigip import ManagementRoot import getpass, sys   # Variable Section BigIP = "" BigIP_username = "mshoaib" vip_name = '' BigIP_password = getpass.getpass(prompt='Enter password: ', stream=None)   # Connect to BigIP f5_mgmt = ManagementRoot(BigIP, BigIP_username, BigIP_password)   # Load VIP first vip_info =, partition='Common')   # Read all profiles pf_info =  vip_info.profiles_s.get_collection()   pf_list_before = []   print("Profiles before deletion:") for a, pf in enumerate(pf_info):   print(a,   pf_list_before.append( print(pf_list_before)     pf_list_after = [] print("--------") for index, pf in enumerate(pf_info):   if == 'serverssl':     print("  Removing Server SSL")     pf_info.pop(index)   print("Profiles after deletion: ") for a, pf in enumerate(pf_info):   print(a,   pf_list_after.append(   print(pf_list_after)



Out put is :



[mshoaib@ca01net03 new_domain]$ python3.6 Enter password: Profiles before deletion: 0 http_XForwardedFor 1 oneconnect 2 serverssl 3 tcp-lan-optimized 4 tcp-wan-optimized 5 ['http_XForwardedFor', 'oneconnect', 'serverssl', 'tcp-lan-optimized', 'tcp-wan-optimized', ''] --------   Removing Server SSL Profiles after deletion: 0 http_XForwardedFor 1 oneconnect 2 tcp-lan-optimized 3 tcp-wan-optimized 4 ['http_XForwardedFor', 'oneconnect', 'tcp-lan-optimized', 'tcp-wan-optimized', ''] [mshoaib@ca01net03 new_domain]$

Equivalent TMSH CLI are :


tmsh modify ltm virtual profiles add { serverssl }

tmsh modify ltm virtual profiles delete { serverssl }  


I appreciate any code snippet or link.






I came across  BIGREST and found it much cleaner and easier to use.

I learned the syntax and developed the solution using BIGREST instead of f5-common-pyton.

Thank you Leonardo.


Below is the code snippet that will toggle Server side SSL profile.


# Connect to BigIP domain_name = "" b = BIGIP(ip, username, password)   # Load the Profiles on a virtual server profiles = b.load(f"/mgmt/tm/ltm/virtual/{rest_format(domain_name)}/profiles")   print(f"List of Profiles attached to {domain_name}") profile_context_list = [] for p in profiles: profile_context_list.append(["context"]) print(profile_context_list)   if "serverside" in profile_context_list: print("Serverside SSL applied") print("Deleting Serverside SSL profile") path = ( f"/mgmt/tm/ltm/virtual/{rest_format(domain_name)}/profiles/{rest_format(profile_name)}" ) b.delete(path) else: print("Serverside SSL doesn't applied") print("Adding Serverside SSL Profile") data = {} data["name"] = profile_name data["context"] = "serverside" b.create(f"/mgmt/tm/ltm/virtual/{rest_format(domain_name)}/profiles", data)

Complete code is here :




Yes, the f5-common-python is a little bit complicated and more difficult to maintain the SDK code.

That is why I wrote BIGREST.


I used f5-common-python a lot before, and I now use BIGREST.

Most of the stuff I create is because I need and what exist needed improvement, or what I need does not exist at all.

Anyway, it is always good to see it helped other people as well.