Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
393
Views
4
Helpful
4
Replies

Postman SSL certificate issues in reserved IOS XE lab

Go to solution
Betelgeuse
Level 1
Level 1

‎11-13-2023 07:33 PM

I am trying to use restconf to interact with my cat 8kv I can ssh into the device restconf is enabled I ensured the developer user had full privileged access. When running the api call "https://10.10.20.48:443/restconf/data/ietf-interfaces:interfaces" I get a 401 unauthorized and the raw data says access-denied. Digging into the logs I see I am getting an authorization error associated with the self signed cert. authorizationError: "DEPTH_ZERO_SELF_SIGNED_CERT". I have also verified thoroughly that I have SSL certificate validation turned off in postman. What am I doing wrong here?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
bigevilbeard
VIP
VIP

‎11-14-2023 02:03 AM

@Betelgeuse seems to be that your client doesn't trust the switch's self-signed cert i think.  What happens when you run curl with the k flag? (The -k or --insecure flag in curl tells it to skip SSL certificate validation)

curl -k https://10.10.20.48/restconf/data/ietf-interfaces:interfaces
Make sure RESTCONF is enabled globally on the device with restconf and that HTTPS transport is enabled with transport https. I have also read in other Postman threads, restarting the runner (restarted whole Postman) could also help.
 
Hope this helps.
Please mark this as helpful or solution accepted to help others
Connect with me https://bigevilbeard.github.io

View solution in original post

4 Replies 4

Go to solution
bigevilbeard
VIP
VIP

‎11-14-2023 02:03 AM

@Betelgeuse seems to be that your client doesn't trust the switch's self-signed cert i think.  What happens when you run curl with the k flag? (The -k or --insecure flag in curl tells it to skip SSL certificate validation)

curl -k https://10.10.20.48/restconf/data/ietf-interfaces:interfaces
Make sure RESTCONF is enabled globally on the device with restconf and that HTTPS transport is enabled with transport https. I have also read in other Postman threads, restarting the runner (restarted whole Postman) could also help.
 
Hope this helps.
Please mark this as helpful or solution accepted to help others
Connect with me https://bigevilbeard.github.io

Go to solution
Betelgeuse
Level 1
Level 1
In response to bigevilbeard

‎11-14-2023 06:23 PM

This worked, now I just have to figure out why it wont work in postman, I've tried restarting my computer, different linux vm's, from my host network.

curl -k https://10.10.20.48/restconf/data/ietf-interfaces:interfaces \
> --user developer:C1sco12345

 

0 Helpful

Go to solution
bigevilbeard
VIP
VIP
In response to Betelgeuse

‎11-14-2023 11:39 PM

@Betelgeuse are you running a VM from your local machine with the anyconnect client on this to the sandbox? This is known to cause issues. Try the same using the always on XE sandbox and Postman, there are two to use in the catalog.

Please mark this as helpful or solution accepted to help others
Connect with me https://bigevilbeard.github.io

Go to solution
Betelgeuse
Level 1
Level 1
In response to bigevilbeard

‎11-15-2023 06:44 PM

@bigevilbeardI am using openconnect vpn from my ubuntu20.04.3 vm which is hosted on my local machine. I did try it with anyconnect from my host and it did work.

Customers Also Viewed These Support Documents