Buddy_Edwards_1
Sep 09, 2016Nimbostratus
Get ClientSSL and ServerSSL profiles using the Rest API
I've written the following script so that I can document at a high level the VIPs that I have created without having to dig into them every time I need to know pools, irules, members, etc... the problem I have is that I need to know which SSL Cert Profiles are in use for both Client and Server and I can't seem to figure out a way to do it based on the virtual server. Does anyone know of a way to do this using the Rest API? I've read through the ll.5 icontrol rest document but can't seem to find where the ClientSSL and ServerSSL profiles are located.
Create a policy to trust all Certs
add-type @"
using System.Net;
using System.Security.Cryptography.X509Certificates;
public class TrustAllCertsPolicy : ICertificatePolicy {
public bool CheckValidationResult(
ServicePoint srvPoint, X509Certificate certificate,
WebRequest request, int certificateProblem) {
return true;
}
}
"@
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
$Credential = Get-Credential
$LoadBalancer = "x.x.x.x"
$VSURL = "https://$LoadBalancer/mgmt/tm/ltm/virtual"
$PoolURL = "https://$LoadBalancer/mgmt/tm/ltm/pool"
$ClientSSLURL = "https://$LoadBalancer/mgmt/tm/ltm/clientssl"
$VSRegEx = "(?<=/virtual/)(.*)(?=\?)"
$ExportFile = "./F5Export.csv"
Lookup Virtual Servers
$VirtualServerLookup = Invoke-RestMethod $VSURL -Credential $Credential
foreach ($VSLookup in $VirtualServerLookup.Items)
{
$VirtualServerLog = ""
$VirtualServer = [regex]::match($VSLookup.selfLink, $VSRegEx)
$VirtualServerURL = "$VSURL/$VirtualServer"
Lookup Virtual Server Information
$VS = Invoke-RestMethod $VirtualServerURL -Credential $Credential
$VSName = $VS.Name
$VSDestination = $VS.Destination
$VSRules = $VS.Rules
$VSEnabled = $VS.Enabled
$VSPersist = $VS.Persist.Name
$VSPool = $VS.Pool
Write-Host " Name: $VSName" -ForegroundColor Green
Write-Host " VIP: $VSDestination"
$VirtualServerLog += "$VSName,"
$VirtualServerLog += "$VSDestination,"
foreach ($VSRule in $VSRules)
{
Write-Host " Rule: $VSRule"
$VirtualServerLog += "$VSRule,"
}
Write-Host " Enabled: $VSEnabled"
$VirtualServerLog += "$VSEnabled,"
foreach ($Persist in $VSPersist)
{
Write-Host " Persistance: $Persist"
$VirtualServerLog += "$Persist,"
}
foreach ($Pool in $VSPool)
{
$PoolLookup = $Pool -replace "/","~"
$PoolSearch = Invoke-RestMethod $PoolURL/$PoolLookup -Credential $Credential
$PoolName = $PoolSearch.Name
$PoolPartition = $PoolSearch.Partition
Write-Host " Pool: $Pool"
Write-Host " Pool Name: $PoolName"
Write-Host "Pool Partition: $PoolPartition"
$VirtualServerLog += "$Pool,"
$VirtualServerLog += "$PoolName,"
$VirtualServerLog += "$PoolPartition,"
Lookup Member Information
$MemberSearch =
Invoke-RestMethod "$PoolURL/$PoolLookup/members/" -Credential $Credential
foreach ($Member in $MemberSearch.Items)
{
$MemberName = $Member.Name
$MemberAddress = $Member.Address
$MemberState = $Member.State
$MemberMonitor = $Member.Monitor
$MemberSession = $Member.Session
Write-Host " Member Name: $MemberName IP Address:$MemberAddress"
$VirtualServerLog += "$MemberName,"
$VirtualServerLog += "$MemberAddress,"
$VirtualServerLog += "$MemberState,"
$VirtualServerLog += "$MemberMonitor,"
$VirtualServerLog += "$MemberSession,"
}
}
$VirtualServerLog | Out-File $ExportFile -Append
Write-Host ""
}