07-09-2021 04:00 AM
Hi,
I would like to remove certificates on a couple of IOS routers and thought I can quicklie automate this using tcl.
The interactive sequence at the CLI would be
conf t
no crypto pki trustpoint TRUSTPOINTNAME
which leads to the message:
% Removing an enrolled trustpoint will destroy all certificates
received from the related Certificate Authority.
Are you sure you want to do this? [yes/no]:
... which needs to be "auto-answered" with "yes" inside the tcl script.
I tried to do it with "typeahead", but it seems to be not working for ios_config commands.
The tiny script looks like this:
tclsh
set rmcert {
typeahead "y\n"
ios_config " no crypto pki trustpoint TRUSTPOINTNAME"
}
eval $rmcert
and the outcome is:
router(tcl)#set rmcert {
+>typeahead "y\n"
+>ios_config " no crypto pki trustpoint TRUSTPOINTNAME"
+>}
typeahead "y\n"
ios_config " no crypto pki trustpoint TRUSTPOINTNAME"
router(tcl)#eval $anycon
Are you sure you want to do this? [yes/no]:
% Please answer 'yes' or 'no'.
Are you sure you want to do this? [yes/no]:
% Please answer 'yes' or 'no'.
Are you sure you want to do this? [yes/no]:
router(tcl)#y
invalid command name "y" ^
% Invalid input detected at '^' marker.
Does anyone know how to send answers to ios_config commands inside a tcl script?
Many thanks!
BR
07-09-2021 04:05 AM
check this thread how to parse yes using tclsh
https://community.cisco.com/t5/developer-general-discussions/tcl-script-yes-no/td-p/3799428
07-09-2021 06:07 AM
Thanks! I checked it but I didn´t find the solution. What´s the exact command to use to send a "Y" to ios_config?
07-09-2021 06:15 AM
this what user able to solve :
tclsh
foreach VRF {
aaa
bbb
} { puts "[ ios_config "vrf upgrade-cli multi-af-mode common-policies vrf $VRF" ]" }
yes
yes
tclquit
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide