cancel
Showing results for 
Search instead for 
Did you mean: 

Bigip restful API remove all the existing client ssl profiles in a virtualserver.

siuwwong5
Altostratus
Altostratus

Would like to know how we can remove all the existing client ssl profiles in a virtualserver via restful API

1 ACCEPTED SOLUTION

JRahm
Community Manager
Community Manager

Hi @siuwwong5, you'll need to do a couple things. First, if you don't know the names of your clientssl profiles, or at least a part of the naming nomenclature that identifies them as client-ssl profiles, you'll need to check that the profiles currently applied are actually client-ssl profiles. I did this for a project in python but only address one profile:

 

def get_cssl_profile(bigip, vip_name):
    vip_profiles = bigip.load(f'/mgmt/tm/ltm/virtual/{vip_name}/profiles')
    cssl_profile = ''
    for profile in vip_profiles:
        if bigip.exist(f'/mgmt/tm/ltm/profile/client-ssl/{profile.properties.get("name")}'):
            cssl_profile = profile.properties.get('name')
    if cssl_profile != '':
        print(f'\tVirtual {vip_name} has associated client-ssl profile {cssl_profile}...continuing.')
        return cssl_profile
    else:
        sys.exit(f'\tVirtual {vip_name} has no associated client-ssl profile...exiting.')

 

if you have more than one, you'd want to create a list, and then iterate over that list to remove them, but that should give you an idea of what you need to do. Then, once you know, adding/removing is pretty simple:

 

To add:
POST json payload of {"name": "(cssl-profile-name)"} to /mgmt/tm/ltm/virtual/(virtual-name)/profiles/

To remove:
DELETE to /mgmt/tm/ltm/virtual/(virtual-name)/profiles/(css-profile-name)

 

View solution in original post

3 REPLIES 3

siuwwong5
Altostratus
Altostratus

would like to clean up all the existing client ssl profiles in a virtualserver, and then add a new one.

JRahm
Community Manager
Community Manager

Hi @siuwwong5, you'll need to do a couple things. First, if you don't know the names of your clientssl profiles, or at least a part of the naming nomenclature that identifies them as client-ssl profiles, you'll need to check that the profiles currently applied are actually client-ssl profiles. I did this for a project in python but only address one profile:

 

def get_cssl_profile(bigip, vip_name):
    vip_profiles = bigip.load(f'/mgmt/tm/ltm/virtual/{vip_name}/profiles')
    cssl_profile = ''
    for profile in vip_profiles:
        if bigip.exist(f'/mgmt/tm/ltm/profile/client-ssl/{profile.properties.get("name")}'):
            cssl_profile = profile.properties.get('name')
    if cssl_profile != '':
        print(f'\tVirtual {vip_name} has associated client-ssl profile {cssl_profile}...continuing.')
        return cssl_profile
    else:
        sys.exit(f'\tVirtual {vip_name} has no associated client-ssl profile...exiting.')

 

if you have more than one, you'd want to create a list, and then iterate over that list to remove them, but that should give you an idea of what you need to do. Then, once you know, adding/removing is pretty simple:

 

To add:
POST json payload of {"name": "(cssl-profile-name)"} to /mgmt/tm/ltm/virtual/(virtual-name)/profiles/

To remove:
DELETE to /mgmt/tm/ltm/virtual/(virtual-name)/profiles/(css-profile-name)

 

Thanks a lot. it works well!!