YumaPro SDK 17.10-6 introduces support for NETCONF and Call Home over TLS.

In order to use TLS for NETCONF, you must set the --cert-usermap configuration parameter for netconfd-pro.


The cert-usermap parameter can have multiple values set, one per user.

Each entry specifies a certificate to user name mapping for NETCONF over TLS sessions. 

A mapping is a structured string using the form <user>@<fingerprint>.


For example: admin@60:C8:5C:08:82:55


There is no default for cert-usermap.


The cert-usermap parameter can be set via the command line when booting netconfd-pro:


user@system> netconfd-pro --cert-usermap=john@49:01:00:8E:97:EB


or can be configured in netconfd-pro's configuration file, located by default at /etc/yumapro/netconfd-pro.conf:


#### leaf-list cert-usermap
# Each entry specifies a certificate to user name mapping
# for NETCONF over TLS sessions. A mapping is a structured
# string using the form <user>@<fingerprint>.
# Example: admin@60:C8:5C:08:82:55
#
# no default for cert-usermap

cert-usermap john@49:01:00:8E:97:EB