If you’re deploying something such as DMVPN using a PKI, you may well be running a Certificate Authority on an IOS device. The files that make up the CA are stored in NVRAM. The Cisco design guide talks about backup and restore but there’s no automated way to copy the files off of the device.

I created a TCL script that can be run via a kron schedule that will copy the files off via FTP. It should work on any IOS and IOS-XE device. Head over to my cisco-ca-backup GitHub repository.

Please raise any issues on GitHub or submit a PR for any bug fixes or updates.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The reCAPTCHA verification period has expired. Please reload the page.