Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[cisco.asa.asa_command] returns unexpected error by "show tech-support" #151

Open
nafu-kgh opened this issue Feb 14, 2022 · 1 comment
Open

[cisco.asa.asa_command] returns unexpected error by "show tech-support" #151

nafu-kgh opened this issue Feb 14, 2022 · 1 comment
Assignees
@pranav-bhatt

Comments

@nafu-kgh
Copy link

nafu-kgh commented Feb 14, 2022
edited by justjais
Loading

SUMMARY

We are trying to run show tech-support via ansible. We are using the cisco.asa.asa_command module, but receive an error.

ISSUE TYPE
  • Bug Report
COMPONENT NAME

cisco.asa.asa_command module

ANSIBLE VERSION

ansible-playbook 2.9.15
python version = 3.9.1

COLLECTION VERSION

cisco.asa 2.1.0

STEPS TO REPRODUCE

snipped playbook

---
- name: Run commands
  hosts: "{{ target_hosts }}"
  gather_facts: false
  collections:
    - cisco.asa
  become: true
  become_method: enable
  force_handlers: true
  vars:
    command_list:
      - show tech-support
  tasks:
    - name: Run Commands
      cisco.asa.asa_command:
        commands: "{{ command_list }}"
      register: result
    - name: show commands result
      debug:
        msg: "{{ result }}"
EXPECTED RESULTS

retrieve "show tech-support" result without any errors

ACTUAL RESULTS
{
    "msg": ".c:307\r\nerror:0B08D07B:x509 certificate routines:X509_TRUST_set:invalid trust@x509_trs.c:177\r\n\r\n------------------ show ipsec stats ------------------\r\n\r\n\r\nIPsec Global Statistics\r\n-----------------------\r\nActive tunnels: 0\r\nPrevious tunnels: 27\r\nInbound\r\n",
    "exception": "  File \"/tmp/ansible_cisco.asa.asa_command_payload_yxs9x_pu/ansible_cisco.asa.asa_command_payload.zip/ansible_collections/cisco/asa/plugins/module_utils/network/asa/asa.py\", line 147, in run_commands\n    return connection.run_commands(commands=commands, check_rc=check_rc)\n  File \"/tmp/ansible_cisco.asa.asa_command_payload_yxs9x_pu/ansible_cisco.asa.asa_command_payload.zip/ansible/module_utils/connection.py\", line 185, in __rpc__\n    raise ConnectionError(to_text(msg, errors='surrogate_then_replace'), code=code)\n",
    "invocation": {
        "module_args": {
            "commands": [
                "show tech-support"
            ],
            "match": "all",
            "retries": 10,
            "interval": 1,
            "wait_for": null,
            "provider": null,
            "authorize": null,
            "context": null,
            "passwords": null
        }
    },
    "_ansible_no_log": false,
    "changed": false
}

Notes: It looks like the error comes from the result of "show ssl errors" made by "show tech-support"

# show ssl errors
error:0B08D07B:x509 certificate routines:X509_TRUST_set:invalid trust@x509_trs.c:177
error:0B08D07B:x509 certificate routines:X509_TRUST_set:invalid trust@x509_trs.c:177
error:0B08D07B:x509 certificate routines:X509_TRUST_set:invalid trust@x509_trs.c:177
error:0B08D07B:x509 certificate routines:X509_TRUST_set:invalid trust@x509_trs.c:177
error:0407109F:rsa routines:RSA_padding_check_PKCS1_type_2:pkcs decoding error@rsa_pk1.c:307
error:0B08D07B:x509 certificate routines:X509_TRUST_set:invalid trust@x509_trs.c:177
error:14094412:SSL routines:ssl3_read_bytes:sslv3 alert bad certificate@snp_mp_ssl_dm.c:843
@justjais
Copy link
Member

cc. @pranav-bhatt

@justjais justjais assigned pranav-bhatt and unassigned justjais Feb 16, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@pranav-bhatt pranav-bhatt

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@justjais @pranav-bhatt @nafu-kgh