RESTCONF Service Setup with Certificate-Based Authentication and NACM

This recipe demonstrates how to set up and use the RESTCONF API available in TNSR.

RESTCONF is desirable for its ability to implement changes to TNSR remotely using the API, but allowing remote changes to TNSR also raises security concerns. When using RESTCONF, security is extremely important to protect the integrity of the router against unauthorized changes.

Note

RESTCONF deals in JSON input and output, which is easily parsed by a variety of existing utilities and libraries for programming languages.

See also

Additional TNSR RESTCONF resources:

• RESTCONF Server

• API Endpoints

• REST API documentation

• Troubleshooting RESTCONF

• Public Key Infrastructure

• PKCS#12 Archives

RESTCONF Configuration and Usage

• Example Environment
• TNSR Setup
  • Generate Certificates
  • Setup NACM
  • Enable RESTCONF
• Client Configuration
  • Exporting separate CA, client certificate, and client key files
  • Exporting a PKCS#12 archive
• RESTCONF Examples
  • Using cURL to access the API
  • Retrieve a specific ACL
  • Retrieve a specific rule of a specific ACL
  • Add a new rule to an existing ACL
  • Use PATCH to update data
  • Remove a specific rule from an ACL
  • Use POST to retrieve data from endpoints which require parameters
• Adding More RESTCONF Users