cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3499
Views
0
Helpful
3
Replies

SPA 3102 Provisioning HTTP with encryption

ross-parkinson
Level 1
Level 1

When I use the recomended procedure in the provisioning documentation

profile.xml

<flat-profile>

<GPP_A> 123456

</GPP_A>

</flat-profile>

openssl enc –e –aes-256-cbc –k SecretPhrase1234 –in profile.xml –out profile.cfg

and I and add the relevant key to my profile rule;

[--key "SecretPhrase1234"] http://10.1.1.10/$MA/profile.cfg

loggs say that profile resync successfull but after a refresh of browser on the spa the new profile has not taken and GPP_A is blank.

I have used the same profile in plain all ok

http://10.1.1.10/$MA/profile.cfg   # works great

I have used the same profile in with gzip all ok

cat profile.xml | gzip > profile.cfg

http://10.1.1.10/$MA/profile.cfg   # works great

I have tried changing the key and resync fails, I have tried it without "" in the key resync sucessfull problem still exisit

I have tried decrypting the file using openssl enc and I get the original file back.

It has been driving me spare... cisco can you help

3 Replies 3

Alberto Montilla
Cisco Employee
Cisco Employee

Dear Sir;


Can you send us the debug information that SPA3102 is generating? This should work properly.

Could you also indicate us the firmware version you are using?

Regards
Alberto

Hi Alberto

Attached are the logs as requested see brief description of each file

1. web server access log.

2. Syslog 0 and syslog 3.

3. spa file plain

4. same file gz

5. same file with gz then encyption

key is as per my original post.

The SW is version is 5.1.10

Dear Sir;


Can you please send me the html configuration of the device (in admin advanced mode). I see the unit is downloading the file correctly so not sure of what the issue is.

One thing I have see is that you are using a different header on the XML file (compared to what the xml template is for the SPA3102). I suggest you take the complete header of the file included in the SPC for the product and try again...not sure It is the issue but think it will be easy to test.

Regards
Alberto

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: