Sometimes you just need to know what SSL Profile is attached to what Virtual Servers.
Here are a couple of cheats I use.. maybe it helps ya, maybe it don't
Simple command to run that looks in every partition
tmsh -q -c 'cd / ; show ltm virtual recursive profiles' | egrep 'Ltm::Virtual Server:| Ltm::ClientSSL Profile:'
You can always tack on | grep virtualservername
OR
To find what virtual servers have a certain ssl profile, you can tack on | grep -B1 sslprofile name
Of course if you are doing alot of work and all the virtual servers with there ssl profiles in a spreadsheet would be easier to work with you can do the following
go to /var/tmp on the F5 you want to capture the data and type vi cert-mapping.sh and press enter
Type i and then copy and paste the following
#!/bin/bash
# Search /config and sub directories (partitions) for bigip.conf files
LIST=`find /config -name bigip.conf | xargs awk '$2 == "virtual" {print $3}' 2> /dev/null | sort -u`
echo "Virtual: Profile: Certificate: Ciphers:"
echo "__________________________________________________________"
for VAL in ${LIST}
do
PROF=`tmsh show /ltm virtual ${VAL} profiles 2> /dev/null | grep -B 1 " Ltm::ClientSSL Profile:" | cut -d: -f4 | grep -i "[a-z]" | sed s'/ //'g| sort -u`
test -n "${PROF}" 2>&- && {
VIRTS=`expr $VIRTS + 1`
for PCRT in ${PROF}
do
CERT=`tmsh list /ltm profile client-ssl ${PCRT} | awk '$1 == "cert" {print $2}' 2> /dev/null | sort -u`
test -n "${CERT}" 2>&- && {
CIPHERS=`tmsh list /ltm profile client-ssl ${PCRT} ciphers | grep ciphers | awk '{print $2}'`
echo "${VAL} ${PCRT} ${CERT} ${CIPHERS}"
}
done
}
done
echo "Virtual server count: ${VIRTS}"
now type chmod 755 cert-mapping.sh
Now just run the script by typing: bash ./cert-mapping.sh > cert-mapping_$HOSTNAME"."$(date +%Y%m%d).txt and then press enter
Once the script is done (it will take awhile) download the file to your laptop and open with Excel, you can click on the first column then click on Data in Excel and select Text to Columns and then pick Delimited and unselect Tab and select Space. You should then see the data move over to the appropriate columns