F5 LTM - Get Client SSL Profiles with their VIP Mapping and CIPHER Configuration - tmsh

Updated on:

This is for those who are wondering is there a way to get a CSV report with Complete List of Client SSL Profiles and their VIP Mapping and  CIPHER Configuration in F5 LTM using tmsh

Prerequisites

  1. BigIP LTM 11 and above
  2. Administrator Shell Access ( for logging in to terminal )
  3. tmsh utility ( should be already available)
  4. python 2.4 and above should be installed

How its designed ?

We have designed a Python Program which will use tmsh commands and OOPS programming style to prepare a Dictionary and Lists and Cross Compare them to produce Comma Separated Values (CSV) output

 

Sample CSV Report Generated with this Script

clientsslcsv

The Source Code


How to Execute ?

  1. Login to BIG-IP LTM terminal
  2. Download the code and save it with .py extension
  3. Make the script executable ( chmod a+x script.py)
  4. Run the script with the Partition Name as a startup argument ( If you have no Partition, use Common as your partition)
  5. Redirect your output to the desired CSV file
./f5-GetClientSSLProfileMapping_CIPHERS.py Common > ClientSSLProfileMapping_CIPHERS.csv

Hope it helps, If you like to be notified when we add a new content. Please leave your  name and email id in the following subscription form ( we never spam!)

 

 

Thanks

A K S A R A V

Follow me on Linkedin My Profile
Follow DevopsJunction onFacebook orTwitter
For more practical videos and tutorials. Subscribe to our channel

Buy Me a Coffee at ko-fi.com

Signup for Exclusive "Subscriber-only" Content

More from Middleware Inventory

  • F5-BIG-IP LTM - How to Export Pools and their members as CSV

    If you are looking for a way to export (or) print  F5 Bigip Local Traffic Manager (LTM)  Load Balancer pools and their members in Comma Separated Values (CSV) format. This script is for you Note*: It uses tmsh command line and this has to be executed in the F5 Big-IP Advanced Shell…

  • F5 - How to List All Virtual Servers with Persistence Profiles

    For F5 BigIP professionals/administrators, it is a tough but indispensable job, to generate reports of virtual servers and their associated resources like iRule, Persistence Profile, Client SSL profile etc. I have already written various scripts to efficiently perform some of these reporting tasks and shared it here. you can find them…

  • F5 Export Pools and their VIP mappings from All Partitions

    The Objective This article is for you if you are looking for a solution for any of these scenarios Export or List All the Pools across All the Partitions Export or List All the Pools and their VIP mapping across all the partitions available Export or List All the Unused…

  • F5 irule to mark cookie as secure and httponly
    F5 LTM irule to mark cookie as secure and httponly and Why

    Some Background When it comes to handling the web application related vulnerabilities. Most of the vulnerabilities could be fixed by having the proper configuration at the F5 level. By using the right configuration at the F5. like having proper SSL Cipher at the SSL profile of the VIP (or) creating and…

  • F5 irule to log TLS version and SSL Handshake Information

    The Overview In this post, we are going to share the irule we have recently designed for one of our requirement. We basically wanted to log when the client is using a weak cipher or deprecated protocols like SSLV3, TLSv1.0 or TLSv1.1 This iRule would help you get an insight on what…