sys crypto check-certΒΆ

sys crypto check-cert(1)				BIG-IP TMSH Manual				  sys crypto check-cert(1)

       check-cert - Examines certificates and displays or logs any that have expired on the BIG-IP(r) system.

       sys crypto

       Run a check on the expiration date of LTM certificates, in the sys crypto module by using the syntax below.

	 run check-cert [certificate-file-name]
	     ignore-large-cert-bundles [enabled | disabled]
	     log [enabled | disabled]
	     stdout [enabled | disabled]
	     verbose [enabled | disabled]

       You can use the check-cert command to check the expiration date of certificate(s) and print the results to the screen
       and/or log them to /var/log/ltm.

	    Specifies whether or not to ignore large certificate bundles which contain more than 20 certificates. By default it
	    will not be ignored, i.e., it will still check every certificate bundle if this option is not specified.

       log  Specifies whether results should be logged or not. By default they will be logged.

	    Specifies whether results should be printed to STDOUT or not. By default they will be printed.

	    Specifies whether verbose output should be emitted or not, such as information about all certificates being checked
	    rather than just those which return unfavorable results. By default verbose output is disabled.

       run check-cert

       Checks all certificate file-objects known by MCPD, and displays information about any certificates which have expired or
       which are close to expiration. By default this information is printed to the screen and logged to /var/log/ltm.

       run check-cert default.crt

       Runs the check on the specific certificate "default.crt"

       run check-cert verbose

       Displays expiration information about all certificates, not just those that have expired or have impending expirations.

       run check-cert ignore-large-cert-bundles enabled

       Ignore the certificate bundles with large size (the ones containing more than 20 certificates).

       run check-cert log disabled

       Prints the results to screen but does not log them.

       run check-cert stdout disabled

       Logs the results to /var/log/ltm, but does not print them to the screen.

       run, tmsh

       No part of this program may be reproduced or transmitted in any form or by any means, electronic or mechanical, including
       photocopying, recording, or information storage and retrieval systems, for any purpose other than the purchaser's personal
       use, without the express written permission of F5 Networks, Inc.

       F5 Networks and BIG-IP (c) Copyright 2009-2013, 2016. All rights reserved.

BIG-IP							    2016-03-14					  sys crypto check-cert(1)