Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1966
Views
5
Helpful
1
Replies

RestCONF - Cisco WLC 9800 - trying to update mpsk passwords on spesific SSID - error

Go to solution
dal
Level 3
Level 3

‎06-23-2021 02:20 AM

Hi.

As topic says; I'm trying to update the mpsk passwords on a spesific SSID using restconf, but it fails.

 

I have made following script in Postman:

import requests
import json

url = "https://172.30.255.254/restconf/data/Cisco-IOS-XE-wireless-wlan-cfg:wlan-cfg-data/wlan-cfg-entries/wlan-cfg-entry=GK-PSK/mpsk-keys/"

payload = "<mpsk-key\r\n\txmlns=\"http://cisco.com/ns/yang/Cisco-IOS-XE-wireless-wlan-cfg\"\r\n\txmlns:wireless-wlan-cfg=\"http://cisco.com/ns/yang/Cisco-IOS-XE-wireless-wlan-cfg\">\r\n\t<priority>0</priority>\r\n\t<mpsk-key>testkey2!</mpsk-key>\r\n\t<mpsk-key-type>aes</mpsk-key-type>\r\n\t<mpsk-key-format>key-ascii</mpsk-key-format>\r\n</mpsk-key>"
headers = {
  'Accept': 'application/yang-data+json',
  'Content-Type': 'application/yang-data+json',
  'Authorization': 'Basic YWRtaW46R2lzazNBZG1pbiE='
}

response = requests.request("GET", url, headers=headers, data=payload)

print(response.text)

And this gives me a nice json output of all the 5 mpsk keys:

{
    "Cisco-IOS-XE-wireless-wlan-cfg:mpsk-keys": {
        "mpsk-key": [
            {
                "priority": 0,
                "mpsk-key": "gChOW[HheEKIdZ[CLeLdiRB_AfS]ObCHEHSh",
                "mpsk-key-type": "aes",
                "mpsk-key-format": "key-ascii"
            },
            {
                "priority": 1,
                "mpsk-key": "[IdCKQSFKM`CHaYARD`BIKAZbR^[`]CRRFMaa\\PRYKISZaJ]AhQJKDa]AYX`]F[\\_NUS]WZQ[_PSLLWbSAAB",
                "mpsk-key-type": "aes",
                "mpsk-key-format": "key-ascii"
            },
            {
                "priority": 2,
                "mpsk-key": "TPiBbeX_i\\J]dKWQEGUKEe[aVDXNOFR_IBGbQVTAAB",
                "mpsk-key-type": "aes",
                "mpsk-key-format": "key-ascii"
            },
            {
                "priority": 3,
                "mpsk-key": "LYVLLbGMD^AJNZhUcPfOCbLN]RLgbP[hH",
                "mpsk-key-type": "aes",
                "mpsk-key-format": "key-ascii"
            },
            {
                "priority": 4,
                "mpsk-key": "dE]cURWOhK[db`CAXRgdZE`i[eONSQ]TZ",
                "mpsk-key-type": "aes",
                "mpsk-key-format": "key-ascii"
            }
        ]
    }
}

So far so good.

Problem comes when I try to change those passwords.

I create a new request, but this time a patch request

I copy the output from the get request into the body, and the script looks like this:

import requests
import json

url = "https://172.30.255.254/restconf/data/Cisco-IOS-XE-wireless-wlan-cfg:wlan-cfg-data/wlan-cfg-entries/wlan-cfg-entry=GK-PSK/mpsk-keys/"

payload = json.dumps({
  "Cisco-IOS-XE-wireless-wlan-cfg:mpsk-keys": {
    "mpsk-key": [
      {
        "priority": 0,
        "mpsk-key": "gChOW[HheEKIdZ[CLeLdiRB_AfS]ObCHEHSh",
        "mpsk-key-type": "aes",
        "mpsk-key-format": "key-ascii"
      },
      {
        "priority": 1,
        "mpsk-key": "[IdCKQSFKM`CHaYARD`BIKAZbR^[`]CRRFMaa\\PRYKISZaJ]AhQJKDa]AYX`]F[\\_NUS]WZQ[_PSLLWbSAAB",
        "mpsk-key-type": "aes",
        "mpsk-key-format": "key-ascii"
      },
      {
        "priority": 2,
        "mpsk-key": "TPiBbeX_i\\J]dKWQEGUKEe[aVDXNOFR_IBGbQVTAAB",
        "mpsk-key-type": "aes",
        "mpsk-key-format": "key-ascii"
      },
      {
        "priority": 3,
        "mpsk-key": "LYVLLbGMD^AJNZhUcPfOCbLN]RLgbP[hH",
        "mpsk-key-type": "aes",
        "mpsk-key-format": "key-ascii"
      },
      {
        "priority": 4,
        "mpsk-key": "dE]cURWOhK[db`CAXRgdZE`i[eONSQ]TZ",
        "mpsk-key-type": "aes",
        "mpsk-key-format": "key-ascii"
      }
    ]
  }
})
headers = {
  'Accept': 'application/yang-data+json',
  'Content-Type': 'application/yang-data+json',
  'Authorization': 'Basic YWRtaW46R2lzazNBZG1pbiE='
}

response = requests.request("PATCH", url, headers=headers, data=payload)

print(response.text)

If I don't change anything (just using the GET output, it gives me a 204 response, witch is good.

However, If I change one of the passwords, to for example password0!, it fails with a 400 response error:

{
    "errors": {
        "error": [
            {
                "error-message": "Validation failed Process DBAL response failed",
                "error-path": "/Cisco-IOS-XE-wireless-wlan-cfg:wlan-cfg-data/wlan-cfg-entries/wlan-cfg-entry=GK-PSK/mpsk-keys",
                "error-tag": "malformed-message",
                "error-type": "application"
            }
        ]
    }
}

So what could be wrong? I've been at this for days and I can't find an answer to this.

Thanks

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
dal
Level 3
Level 3

‎06-23-2021 06:16 AM

I think I figured this out.. FINALLY!!!

When I change

"mpsk-key-type": "aes"

to

"mpsk-key-type": "clear"

it seems to work like intended

View solution in original post

1 Reply 1

Go to solution
dal
Level 3
Level 3

‎06-23-2021 06:16 AM

I think I figured this out.. FINALLY!!!

When I change

"mpsk-key-type": "aes"

to

"mpsk-key-type": "clear"

it seems to work like intended

Customers Also Viewed These Support Documents