Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

Bigip restful API remove all the existing client ssl profiles in a virtualserver.

Go to solution
siuwwong5
Altostratus
Altostratus

‎29-Jun-2022 23:57

Would like to know how we can remove all the existing client ssl profiles in a virtualserver via restful API

Labels:
0 Kudos
1 ACCEPTED SOLUTION

Go to solution
JRahm
Community Manager
Community Manager

‎30-Jun-2022 11:52

Hi @siuwwong5, you'll need to do a couple things. First, if you don't know the names of your clientssl profiles, or at least a part of the naming nomenclature that identifies them as client-ssl profiles, you'll need to check that the profiles currently applied are actually client-ssl profiles. I did this for a project in python but only address one profile:

 

def get_cssl_profile(bigip, vip_name):
    vip_profiles = bigip.load(f'/mgmt/tm/ltm/virtual/{vip_name}/profiles')
    cssl_profile = ''
    for profile in vip_profiles:
        if bigip.exist(f'/mgmt/tm/ltm/profile/client-ssl/{profile.properties.get("name")}'):
            cssl_profile = profile.properties.get('name')
    if cssl_profile != '':
        print(f'\tVirtual {vip_name} has associated client-ssl profile {cssl_profile}...continuing.')
        return cssl_profile
    else:
        sys.exit(f'\tVirtual {vip_name} has no associated client-ssl profile...exiting.')

 

if you have more than one, you'd want to create a list, and then iterate over that list to remove them, but that should give you an idea of what you need to do. Then, once you know, adding/removing is pretty simple:

 

To add:
POST json payload of {"name": "(cssl-profile-name)"} to /mgmt/tm/ltm/virtual/(virtual-name)/profiles/

To remove:
DELETE to /mgmt/tm/ltm/virtual/(virtual-name)/profiles/(css-profile-name)

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
https://twitter.com/jasonrahm
https://www.youtube.com/devcentral

View solution in original post

3 REPLIES 3

Go to solution
siuwwong5
Altostratus
Altostratus

‎30-Jun-2022 00:15

would like to clean up all the existing client ssl profiles in a virtualserver, and then add a new one.

0 Kudos

Go to solution
JRahm
Community Manager
Community Manager

‎30-Jun-2022 11:52

Hi @siuwwong5, you'll need to do a couple things. First, if you don't know the names of your clientssl profiles, or at least a part of the naming nomenclature that identifies them as client-ssl profiles, you'll need to check that the profiles currently applied are actually client-ssl profiles. I did this for a project in python but only address one profile:

 

def get_cssl_profile(bigip, vip_name):
    vip_profiles = bigip.load(f'/mgmt/tm/ltm/virtual/{vip_name}/profiles')
    cssl_profile = ''
    for profile in vip_profiles:
        if bigip.exist(f'/mgmt/tm/ltm/profile/client-ssl/{profile.properties.get("name")}'):
            cssl_profile = profile.properties.get('name')
    if cssl_profile != '':
        print(f'\tVirtual {vip_name} has associated client-ssl profile {cssl_profile}...continuing.')
        return cssl_profile
    else:
        sys.exit(f'\tVirtual {vip_name} has no associated client-ssl profile...exiting.')

 

if you have more than one, you'd want to create a list, and then iterate over that list to remove them, but that should give you an idea of what you need to do. Then, once you know, adding/removing is pretty simple:

 

To add:
POST json payload of {"name": "(cssl-profile-name)"} to /mgmt/tm/ltm/virtual/(virtual-name)/profiles/

To remove:
DELETE to /mgmt/tm/ltm/virtual/(virtual-name)/profiles/(css-profile-name)

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
https://twitter.com/jasonrahm
https://www.youtube.com/devcentral

Go to solution
siuwwong5
Altostratus
Altostratus
In response to JRahm

‎30-Jun-2022 22:04

Thanks a lot. it works well!!

Copyright © 2023 Khoros, LLC