ab#72824

Lee Fine · Lee Fine · commit 6481e27078ee · 2025-06-26T17:47:49.000Z
diff --git a/F5Client.cs b/F5Client.cs
@@ -352,6 +352,35 @@ private X509Certificate2Collection GetCertificateEntry(string path)
             return c.ToX509Certificate2Collection();
         }
 
+        public List<F5SSLProfile> GetSSLProfiles(int pageSize)
+        {
+            LogHandlerCommon.MethodEntry(logger, CertificateStore, "GetSSLProfiles");
+            string partition = CertificateStore.StorePath;
+            string query = $"/mgmt/tm/ltm/profile/client-ssl?$top={pageSize}&$skip=0";
+            F5PagedSSLProfiles pagedProfiles = REST.Get<F5PagedSSLProfiles>(query);
+            List<F5SSLProfile> profiles = new List<F5SSLProfile>();
+
+            if (pagedProfiles.totalItems == 0 || pagedProfiles.items?.Length == 0)
+            {
+                return profiles;
+            }
+
+            for (int i = pagedProfiles.pageIndex; i <= pagedProfiles.totalPages; i++)
+            {
+                profiles.AddRange(pagedProfiles.items);
+
+                // The current paged profile will contain a link to the next set, unless the end has been reached
+                if (string.IsNullOrEmpty(pagedProfiles.nextLink)) { break; }
+
+                // Get the next page of profiles
+                query = pagedProfiles.nextLink.Replace("https://localhost", "");
+                pagedProfiles = REST.Get<F5PagedSSLProfiles>(query);
+            }
+
+            LogHandlerCommon.MethodExit(logger, CertificateStore, "GetCertificateEntries");
+            return profiles;
+        }
+
         private void SetItemStatus(CurrentInventoryItem agentInventoryItem)
         {
             LogHandlerCommon.MethodEntry(logger, CertificateStore, "SetItemStatus");
@@ -611,67 +640,67 @@ private List<X509Certificate2> ReorderPEMLIst(List<X509Certificate2> certList)
         // WebServer
         #endregion
 
-        #region SSL Profiles
+        #region SSL Certificates
 
-        public List<CurrentInventoryItem> GetSSLProfiles(int pageSize)
+        public List<CurrentInventoryItem> GetCertificateEntries(int pageSize)
         {
-            LogHandlerCommon.MethodEntry(logger, CertificateStore, "GetSSLProfiles");
+            LogHandlerCommon.MethodEntry(logger, CertificateStore, "GetCertificateEntries");
             string partition = CertificateStore.StorePath;
             string query = $"/mgmt/tm/sys/file/ssl-cert?$filter=partition+eq+{partition}&$select=name,keyType,isBundle&$top={pageSize}&$skip=0";
-            F5PagedSSLProfiles pagedProfiles = REST.Get<F5PagedSSLProfiles>(query);
-            List<F5SSLProfile> profiles = new List<F5SSLProfile>();
+            F5PagedSSLCertificates pagedCertificates = REST.Get<F5PagedSSLCertificates>(query);
+            List<F5SSLCertificate> certificates = new List<F5SSLCertificate>();
             List<CurrentInventoryItem> inventory = new List<CurrentInventoryItem>();
 
-            if (pagedProfiles.totalItems == 0 || pagedProfiles.items?.Length == 0)
+            if (pagedCertificates.totalItems == 0 || pagedCertificates.items?.Length == 0)
             {
-                LogHandlerCommon.Trace(logger, CertificateStore, $"No SSL profiles found in partition '{partition}'");
-                LogHandlerCommon.MethodExit(logger, CertificateStore, "GetSSLProfiles");
+                LogHandlerCommon.Trace(logger, CertificateStore, $"No SSL certificates found in partition '{partition}'");
+                LogHandlerCommon.MethodExit(logger, CertificateStore, "GetCertificateEntries");
                 return inventory;
             }
             else
             {
-                LogHandlerCommon.Trace(logger, CertificateStore, $"Compiling {pagedProfiles.totalPages} pages containing {pagedProfiles.totalItems} total inventory entries");
+                LogHandlerCommon.Trace(logger, CertificateStore, $"Compiling {pagedCertificates.totalPages} pages containing {pagedCertificates.totalItems} total inventory entries");
             }
 
-            // Collected all of the profile entry names
-            for (int i = pagedProfiles.pageIndex; i <= pagedProfiles.totalPages; i++)
+            // Collected all of the certificate entry names
+            for (int i = pagedCertificates.pageIndex; i <= pagedCertificates.totalPages; i++)
             {
-                profiles.AddRange(pagedProfiles.items);
+                certificates.AddRange(pagedCertificates.items);
 
-                // The current paged profile will contain a link to the next set, unless the end has been reached
-                if (string.IsNullOrEmpty(pagedProfiles.nextLink)) { break; }
+                // The current paged certificate list will contain a link to the next set, unless the end has been reached
+                if (string.IsNullOrEmpty(pagedCertificates.nextLink)) { break; }
 
-                // Get the next page of profiles
-                query = pagedProfiles.nextLink.Replace("https://localhost", "");
-                pagedProfiles = REST.Get<F5PagedSSLProfiles>(query);
+                // Get the next page of certificates
+                query = pagedCertificates.nextLink.Replace("https://localhost", "");
+                pagedCertificates = REST.Get<F5PagedSSLCertificates>(query);
             }
 
             // Compile the entries into inventory items
-            for (int i = 0; i < profiles.Count; i++)
+            for (int i = 0; i < certificates.Count; i++)
             {
                 try
                 {
-                    LogHandlerCommon.Trace(logger, CertificateStore, $"Processing alias {profiles[i].name}");
+                    LogHandlerCommon.Trace(logger, CertificateStore, $"Processing alias {certificates[i].name}");
                     // Exclude 'ca-bundle.crt' as that can only be managed by F5
-                    if (profiles[i].name.Equals("ca-bundle.crt", StringComparison.OrdinalIgnoreCase)
-                        || profiles[i].name.Equals("f5-ca-bundle.crt", StringComparison.OrdinalIgnoreCase))
+                    if (certificates[i].name.Equals("ca-bundle.crt", StringComparison.OrdinalIgnoreCase)
+                        || certificates[i].name.Equals("f5-ca-bundle.crt", StringComparison.OrdinalIgnoreCase))
                     {
-                        LogHandlerCommon.Trace(logger, CertificateStore, $"Skipping '{profiles[i].name}' because it is managed by F5");
+                        LogHandlerCommon.Trace(logger, CertificateStore, $"Skipping '{certificates[i].name}' because it is managed by F5");
                         continue;
                     }
-                    inventory.Add(GetInventoryItem(partition, profiles[i].name, true));
+                    inventory.Add(GetInventoryItem(partition, certificates[i].name, true));
                 }
                 catch (Exception ex)
                 {
-                    LogHandlerCommon.Error(logger, CertificateStore, ExceptionHandler.FlattenExceptionMessages(ex, $"Unable to process inventory item {profiles[i].name}."));
+                    LogHandlerCommon.Error(logger, CertificateStore, ExceptionHandler.FlattenExceptionMessages(ex, $"Unable to process inventory item {certificates[i].name}."));
                 }
             }
 
-            LogHandlerCommon.MethodExit(logger, CertificateStore, "GetSSLProfiles");
+            LogHandlerCommon.MethodExit(logger, CertificateStore, "GetCertificateEntries");
             return inventory;
         }
 
-        // SSL Profiles
+        // SSL Certificates
         #endregion
 
         #region Auth & Version
diff --git a/F5DataModels.cs b/F5DataModels.cs
@@ -62,6 +62,18 @@ internal class F5CABundle
         public string[] includeBundle { get; set; }
     }
 
+    internal class F5PagedSSLCertificates : F5PagedResult
+    {
+        public F5SSLCertificate[] items { get; set; }
+    }
+
+    internal class F5SSLCertificate
+    {
+        public string name { get; set; }
+        public bool isBundle { get; set; }
+        public string keyType { get; set; }
+    }
+
     internal class F5PagedSSLProfiles : F5PagedResult
     {
         public F5SSLProfile[] items { get; set; }
@@ -70,8 +82,7 @@ internal class F5PagedSSLProfiles : F5PagedResult
     internal class F5SSLProfile
     {
         public string name { get; set; }
-        public bool isBundle { get; set; }
-        public string keyType { get; set; }
+        public string cert { get; set; }
     }
 
     internal class F5Key
diff --git a/SSLProfile/Inventory.cs b/SSLProfile/Inventory.cs
@@ -45,7 +45,7 @@ public override JobResult ProcessJob(InventoryJobConfiguration config, SubmitInv
                 ValidateF5Release(logger, JobConfig.CertificateStoreDetails, f5);
 
                 LogHandlerCommon.Debug(logger, JobConfig.CertificateStoreDetails, $"Getting inventory from '{config.CertificateStoreDetails.StorePath}'");
-                inventory = f5.GetSSLProfiles(20);
+                inventory = f5.GetCertificateEntries(20);
 
                 LogHandlerCommon.Debug(logger, JobConfig.CertificateStoreDetails, $"Submitting {inventory?.Count} inventory entries for '{config.CertificateStoreDetails.StorePath}'");
                 submitInventory.Invoke(inventory);
