cisco.asa
cisco.asa copied to clipboard
[cisco.asa.asa_command] returns unexpected error by "show tech-support"
SUMMARY
We are trying to run show tech-support via ansible. We are using the cisco.asa.asa_command module, but receive an error.
ISSUE TYPE
- Bug Report
COMPONENT NAME
cisco.asa.asa_command module
ANSIBLE VERSION
ansible-playbook 2.9.15 python version = 3.9.1
COLLECTION VERSION
cisco.asa 2.1.0
STEPS TO REPRODUCE
snipped playbook
---
- name: Run commands
hosts: "{{ target_hosts }}"
gather_facts: false
collections:
- cisco.asa
become: true
become_method: enable
force_handlers: true
vars:
command_list:
- show tech-support
tasks:
- name: Run Commands
cisco.asa.asa_command:
commands: "{{ command_list }}"
register: result
- name: show commands result
debug:
msg: "{{ result }}"
EXPECTED RESULTS
retrieve "show tech-support" result without any errors
ACTUAL RESULTS
{
"msg": ".c:307\r\nerror:0B08D07B:x509 certificate routines:X509_TRUST_set:invalid trust@x509_trs.c:177\r\n\r\n------------------ show ipsec stats ------------------\r\n\r\n\r\nIPsec Global Statistics\r\n-----------------------\r\nActive tunnels: 0\r\nPrevious tunnels: 27\r\nInbound\r\n",
"exception": " File \"/tmp/ansible_cisco.asa.asa_command_payload_yxs9x_pu/ansible_cisco.asa.asa_command_payload.zip/ansible_collections/cisco/asa/plugins/module_utils/network/asa/asa.py\", line 147, in run_commands\n return connection.run_commands(commands=commands, check_rc=check_rc)\n File \"/tmp/ansible_cisco.asa.asa_command_payload_yxs9x_pu/ansible_cisco.asa.asa_command_payload.zip/ansible/module_utils/connection.py\", line 185, in __rpc__\n raise ConnectionError(to_text(msg, errors='surrogate_then_replace'), code=code)\n",
"invocation": {
"module_args": {
"commands": [
"show tech-support"
],
"match": "all",
"retries": 10,
"interval": 1,
"wait_for": null,
"provider": null,
"authorize": null,
"context": null,
"passwords": null
}
},
"_ansible_no_log": false,
"changed": false
}
Notes: It looks like the error comes from the result of "show ssl errors" made by "show tech-support"
# show ssl errors
error:0B08D07B:x509 certificate routines:X509_TRUST_set:invalid trust@x509_trs.c:177
error:0B08D07B:x509 certificate routines:X509_TRUST_set:invalid trust@x509_trs.c:177
error:0B08D07B:x509 certificate routines:X509_TRUST_set:invalid trust@x509_trs.c:177
error:0B08D07B:x509 certificate routines:X509_TRUST_set:invalid trust@x509_trs.c:177
error:0407109F:rsa routines:RSA_padding_check_PKCS1_type_2:pkcs decoding error@rsa_pk1.c:307
error:0B08D07B:x509 certificate routines:X509_TRUST_set:invalid trust@x509_trs.c:177
error:14094412:SSL routines:ssl3_read_bytes:sslv3 alert bad certificate@snp_mp_ssl_dm.c:843