Import Certificates into Cisco IOS Router (SSL VPN)


So I've made a few posts on automating SSL VPN with LetsEncrypt and so on. But what if you're already generating certificates some other way, be it LetsEncrypt or otherwise?

These days I rely on another container to generate certificates, as they're used by my load balancer to serve HTTPS content for my sites, but I still want to load these certs into my router.


I've modified my earlier Python script to be able to do this. It can be found here under

This can then be run inside a container doing something like the following (if you've read some previous posts on netmiko inside Alpine you'll recognise this):

Directory Structure:

/home/david/cert# ls
docker-compose.yml  Dockerfile


Dockerfile:

FROM python:alpine
MAINTAINER David Chidell

RUN apk --no-cache add build-base libffi-dev openssl-dev openssl
RUN pip install --no-cache-dir netmiko


ENTRYPOINT ["python", "./"]
CMD ["--help"]

VOLUME ["/certs"]


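docker-compose.yml:

version: '3.2'
services:
  # Service name matches the "run cert_import" command used to start it
  cert_import:
    image: dchidell/router-cert-import
    build: .
    command: CA_LETSENCRYPT /certs/privkey1.pem /certs/cert1.pem /certs/chain1.pem --u dchidell --sshkey /root/.ssh/
    volumes:
     # SSH keys used to log in to the router, mounted read-only
     - /root/.ssh:/root/.ssh:ro
     - /mnt/nas/certs/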

You can then run this container like so:

docker-compose -f /home/david/cert/docker-compose.yml run cert_import
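
A pre-import sanity check for the three PEM files handed to the import container, so a mismatched, expiring or wrongly chained set is caught before it is pushed to the router. This is an added example, not part of the original post or the author's script. It assumes the openssl CLI is available and that the chain file holds the issuing intermediate(s) without the root; check_cert_set and its return codes are names made up here.

```shell
#!/bin/sh
# Added example: check a key/cert/chain set before importing it into the router.
# check_cert_set and its return codes are illustrative names, not from the post.
# Usage: check_cert_set privkey.pem cert.pem chain.pem [min_seconds_valid]
check_cert_set() {
    key=$1; cert=$2; chain=$3
    min_valid=${4:-604800}    # require at least 7 days of validity by default

    for f in "$key" "$cert" "$chain"; do
        [ -r "$f" ] || { echo "unreadable: $f" >&2; return 2; }
    done

    # 1. The private key must belong to the certificate. Compare the public
    #    key derived from each; capture them separately so a parse failure of
    #    either file is an error rather than two equal empty strings.
    key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null) ||
        { echo "cannot parse private key" >&2; return 3; }
    cert_pub=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null) ||
        { echo "cannot parse certificate" >&2; return 3; }
    [ "$key_pub" = "$cert_pub" ] ||
        { echo "private key does not match certificate" >&2; return 3; }

    # 2. The certificate must not expire within min_valid seconds.
    openssl x509 -in "$cert" -noout -checkend "$min_valid" >/dev/null ||
        { echo "certificate expires too soon" >&2; return 4; }

    # 3. The certificate must chain to the supplied chain file.
    #    Assumption: the chain file holds the issuing intermediate(s) but not
    #    the root, so -partial_chain lets the intermediate act as the anchor.
    openssl verify -partial_chain -CAfile "$chain" "$cert" >/dev/null 2>&1 ||
        { echo "certificate does not verify against chain" >&2; return 5; }

    return 0
}

# Run the check when called with the same three paths given to the import.
if [ "$#" -ge 3 ]; then
    check_cert_set "$@"
fi
```

Run it against the mounted certificate directory before the docker-compose run, and only start the import when it exits 0.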