Hi guys!
I'm trying test the REST API integration with router CSRV1000v using the IOS XE version 16.09.01
I followed the instructions present on the link below:
https://www.cisco.com/c/en/us/td/docs/routers/csr1000/software/restapi/restapi/RESTAPIintro.html
So I'm wondering if I miss something ..
I'm obtaining this output when I'm trying do a CURL on the router:
curl -v -X POST https://10.122.66.115/api/v1/auth/token-services-H "Accept:application/json" -u "admin:password" -d "" --insecure 3
* About to connect() to 10.122.66.115port 443 (#0)
* Trying 10.122.66.115...
* Connected to 10.122.66.115(10.122.66.115) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* skipping SSL peer certificate verification
* SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
* Server certificate:
* subject: CN=IOS-Self-Signed-Certificate-1150883327
* start date: Out 22 22:39:49 2018GMT
* expire date: Jan 01 00:00:00 2030GMT
* common name: IOS-Self-Signed-Certificate-1150883327
* issuer: CN=IOS-Self-Signed-Certificate-1150883327
* Server auth using Basic with user 'admin'
> POST /api/v1/auth/token-services HTTP/1.1
> Authorization: Basic YWRtaW46TG9naWNhbGlzMTIz
> User-Agent: curl/7.29.0
> Host: 10.122.66.115
> Accept:application/json
> Content-Length: 0
> Content-Type: application/x-www-form-urlencoded
>
< HTTP/1.1 411 Length Required
< Server: nginx
< Date: Tue, 16 Jul 201914:09:22 GMT
< Transfer-Encoding: chunked
< Connection: keep-alive
< Accept-Ranges: none
< X-XSS-Protection: 1; mode=block
< X-Content-Type-Options: nosniff
< X-Frame-Options: SAMEORIGIN
< Strict-Transport-Security: max-age=7884000
* HTTP error before end of send, stop sending
<
* Closing connection 0
* About to connect() to 3 port 80 (#1)
* Trying 0.0.0.3...
* Failed to connect to 0.0.0.3: Argumento inválido
* couldn't connect to host at 3:80
* Closing connection 1
curl: (7) Failed to connect to 0.0.0.3: Argumento inválido
Could you help me please?
Thanks in advance,
BN.
Hi there,
Looking at your curl command it is not syntactically correct: no space before '-H' , "--insecure" should have no space and "-3" needs a hypen. Try pasting the following:
curl -v -X POST https://10.122.66.115/api/v1/auth/token-services -H "Accept:application/json" -u "admin:password" -d "" --insecure -3
cheers,
Seb.
Hi Seb, still not works:
Follow the output below:
curl -v -X POST https://10.122.66.115/api/v1/auth/token-services-H "Accept:application/json" -u "admin:password" -d "" --insecure -3
* About to connect() to 10.122.66.115port 443 (#0)
* Trying 10.122.66.115...
* Connected to 10.122.66.115(10.122.66.115) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* NSS error -12286 (SSL_ERROR_NO_CYPHER_OVERLAP)
* Cannot communicate securely with peer: no common encryption algorithm(s).
* Closing connection 0
curl: (35) Cannot communicate securely with peer: no common encryption algorithm(s).
Regards,
BN.
Well at least that is a different error message. Try the same command, but remove the '-3' from the end and let curl negotiate the cipher to use...
hmmmm, ok. On the CSR, what is the output of show virtual-service detail
Hi Brendon,
the remote management installation looks good.
The presence of the line "* HTTP error before end of send, stop sending" hints at an issue with the HTTP service running in the virtual service. You are already using the latest (and only) release of this OVA and I have checked the cisco bug website for any likely culprits and nothing is apparent.
I'm afraid I can't help any further,
Seb.