Re: Using Netmiko for importing certificates

pleonard1 · ‎03-15-2022

Has anyone used Netmiko to import certificates into router configurations via terminal? We're running into errors with the cert import after issuing the command: crypto pki trustpool import terminal

Alexander Stevenson · ‎03-28-2022

Hello @pleonard1,

I've used Netmiko on occasion but not for this task. Can you share more info in regards to what hardware/software you're working with?

I did find the following, which may be of help:

- Try running 'crypto pki trustpool import clean' first. (Optional) Manually removes all downloaded PKI CA certificates.The clean keyword specifies the removal of the downloaded PKI trustpool certificates before the new certificates are downloaded. The terminal keyword removes the existing CA certificate bundle terminal setting. The url keyword and url argument removes the existing URL file system setting. (Source: Public Key Infrastructure Configuration Guide - PKI Trustpool Management)

- There is a deliberate reason why PKI crypto pki trustpool import url doesn't work. I know you're using 'terminal' but it could be related.

- This document Cisco Umbrella - ISR4k integration troubleshooting guide troubleshoots the command you're trying to run.

- Beginning on page 59 of this Cisco Live PPT Threat Defense for a Secure Enterprise Branch, this particular command is covered.

Hopefully one of these can point you in the right direction.

Nabsch · ‎04-01-2022

Hello,

You can try to use the function send_command_timing.

output = connection.send_command_timing(
command_string=cmd, strip_prompt=False, strip_command=False
)