cisco.ios
Support for trustpoint creation, or 1:many prompt:answer
SUMMARY
Implement feature in cisco.ios that would enable trustpoint creation with "enrollment terminal pem" - (does not require SCEP)
ISSUE TYPE
Currently when using ios_command to attempt to create a trustpoint with "enrollment terminal pem", you can use prompt:answer to get into config mode and then "authenticate" the trustpoint, after which you can provide the certificate as a second answer, but Cisco interprets what it is provided by Ansible as a string with \n's for line breaks which it doesn't understand.
crypto pki authenticate pem_test
Enter the base 64 encoded CA certificate. End with a blank line or the word "quit" on a line by itself
You would paste this in if doing it manually -----BEGIN CERTIFICATE----- MIIDfTCCAmWgAwIBAgIQes7tJu7l8IRGgomMEurtqzANBgkqhkiG9w0BAQsFADBR MRUwEwYKCZImiZPyLGQBGRYFbG9jYWwxFzAVBgoJkiaJk/IsZAEZFgdhbnNpYmxl MR8wHQYDVQQDExZhbnNpYmxlLVdJTkFEU0VSVkVSLUNBMB4XDTI0MDIxMjE4NDEw ..... 2L44U/dqJyUphP4TNqoHpXNEM0IvvafdsgawvmDQxdVwfxwPOO5qH4TP1pwBfeaR pygpGjaxsloJn4otgbkzA3wreYFkUJ2WFU1VCcpldvNVApXjIedc5Hbb9IU4Q8AE R8Ggz8AGqb892aUXDkZKjpcwtJgvV14VoUPTN2O5xqn0fQ2CUJB+iSL6DmUE63gv GLf1NxQwQASzBHBKaxNnktP3v/J6yV7IKejDaEQSdkC14TA9Em/RgU6yQ6rEHfnS wTYDbzZDQrU/FjzM9SkZRnrIfmOe58sRbNH03hUX3sk0 -----END CERTIFICATE-----
COMPONENT NAME
Two potential ideas are to implement ios_trustpoint as a resource module, or by changing the prompt:answer capability in ios_command from 1:1 to 1:many.
ADDITIONAL INFORMATION
The feature would enable managing Cisco trustpoints without requiring SCEP.
https://raw.githubusercontent.com/taruch/ansible-network-examples/main/rtr4_pem_test.txt
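The mismatch described in this issue, as an added example that is not part of the original issue or of the cisco.ios collection: a flattened PEM string (literal `\n` sequences, spaces, or real newlines) is normalized into the separate lines the "enrollment terminal pem" prompt expects, ending with `quit`, and the SHA-1 of the decoded certificate is returned so it can be checked out-of-band. The function name `pem_to_terminal_lines` and the sample bytes are assumptions made for illustration; how the lines are delivered to the device is out of scope.

```python
import base64
import hashlib
import re

BEGIN = "-----BEGIN CERTIFICATE-----"
END = "-----END CERTIFICATE-----"
# Constructed sample: not a real certificate, only bytes that start with a DER SEQUENCE tag.
SAMPLE_DER = b"\x30\x82\x01\x00" + bytes(range(256))


def pem_to_terminal_lines(pem_text):
    """Return (lines, sha1_hex): lines to enter one at a time, and the SHA-1 of the DER."""
    # Turn literal backslash-r / backslash-n sequences into real line breaks first.
    text = pem_text.replace("\\r", "").replace("\\n", "\n")
    match = re.search(re.escape(BEGIN) + r"(.*?)" + re.escape(END), text, re.S)
    if match is None:
        raise ValueError("no PEM certificate block found")
    # Drop all whitespace inside the body so every flattened form converges.
    body = re.sub(r"\s+", "", match.group(1))
    try:
        der = base64.b64decode(body, validate=True)
    except ValueError as exc:  # binascii.Error is a subclass of ValueError
        raise ValueError("certificate body is not valid base64") from exc
    if not der or der[0] != 0x30:
        raise ValueError("decoded body is not a DER SEQUENCE")
    # Re-wrap at 64 characters, the usual PEM line width.
    wrapped = [body[i:i + 64] for i in range(0, len(body), 64)]
    # The fingerprint lets an operator confirm the CA certificate before trusting it.
    return [BEGIN, *wrapped, END, "quit"], hashlib.sha1(der).hexdigest().upper()


if __name__ == "__main__":
    b64 = base64.b64encode(SAMPLE_DER).decode()
    sample_lines = [BEGIN] + [b64[i:i + 64] for i in range(0, len(b64), 64)] + [END]
    flattened = "\\n".join(sample_lines)  # one string with literal "\n", as in the issue
    lines, sha1 = pem_to_terminal_lines(flattened)
    print("\n".join(lines))
    print("SHA1 fingerprint:", sha1)
```
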