sys crypto check-certΒΆ

sys crypto check-cert(1)      BIG-IP TMSH Manual      sys crypto check-cert(1)



NAME
       check-cert - Examines certificates and displays or logs any that have
       expired on the BIG-IP(r) system.

MODULE
       sys crypto

SYNTAX
       Run a check on the expiration date of LTM certificates, in the sys
       crypto module by using the syntax below.

   RUN
	 run check-cert [certificate-file-name]
	   options:
	     ignore-large-cert-bundles [enabled | disabled]
	     log [enabled | disabled]
	     stdout [enabled | disabled]
	     verbose [enabled | disabled]

DESCRIPTION
       You can use the check-cert command to check the expiration date of
       certificate(s) and print the results to the screen and/or log them to
       /var/log/ltm.

OPTIONS
       ignore-large-cert-bundles
	    Specifies whether or not to ignore large certificate bundles which
	    contain more than 20 certificates. By default it will not be
	    ignored, i.e., it will still check every certificate bundle if
	    this option is not specified.

       log  Specifies whether results should be logged or not. By default they
	    will be logged.

       stdout
	    Specifies whether results should be printed to STDOUT or not. By
	    default they will be printed.

       verbose
	    Specifies whether verbose output should be emitted or not, such as
	    information about all certificates being checked rather than just
	    those which return unfavorable results. By default verbose output
	    is disabled.

EXAMPLES
       run check-cert

       Checks all certificate file-objects known by MCPD, and displays
       information about any certificates which have expired or which are
       close to expiration. By default this information is printed to the
       screen and logged to /var/log/ltm.

       run check-cert default.crt

       Runs the check on the specific certificate "default.crt"

       run check-cert verbose

       Displays expiration information about all certificates, not just those
       that have expired or have impending expirations.

       run check-cert ignore-large-cert-bundles enabled

       Ignore the certificate bundles with large size (the ones containing
       more than 20 certificates).

       run check-cert log disabled

       Prints the results to screen but does not log them.

       run check-cert stdout disabled

       Logs the results to /var/log/ltm, but does not print them to the
       screen.

SEE ALSO
       run, tmsh

COPYRIGHT
       No part of this program may be reproduced or transmitted in any form or
       by any means, electronic or mechanical, including photocopying,
       recording, or information storage and retrieval systems, for any
       purpose other than the purchaser's personal use, without the express
       written permission of F5 Networks, Inc.

       F5 Networks and BIG-IP (c) Copyright 2009-2013, 2016. All rights
       reserved.



BIG-IP				  2016-03-14	      sys crypto check-cert(1)