routeros-scripts/initial-commands
Christian Hesse 42834e9de1 global-functions: $CertificateAvailable: fetch by CommonName
Now that we have a proper $UrlEncode function... Fetch certificates
by CommonName.

Also remove the PEM after import.
2019-04-30 16:52:53 +02:00

29 lines
1.6 KiB
Text

#!rsc
# RouterOS script: initial-commands
# Copyright (c) 2018-2019 Christian Hesse <mail@eworm.de>
{
/ tool fetch "https://git.eworm.de/cgit.cgi/routeros-scripts/plain/certs/Let%27s%20Encrypt%20Authority%20X3.pem" dst-path="letsencrypt.pem";
:delay 1s;
/ certificate {
import file-name=letsencrypt.pem passphrase="";
set name="ISRG-Root-X1" [ find where fingerprint="96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6" ];
set name="Let-s-Encrypt-Authority-X3" [ find where fingerprint="731d3d9cfaa061487a1d71445a42f67df0afca2a6c2d2f98ff7b3ce112b1f568" ];
set name="DST-Root-CA-X3" [ find where fingerprint="0687260331a72403d909f105e69bcf0d32e1bd2493ffc6d9206d11bcd6770739" ];
}
:if ([ / certificate print count-only where fingerprint="96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6" or fingerprint="731d3d9cfaa061487a1d71445a42f67df0afca2a6c2d2f98ff7b3ce112b1f568" or fingerprint="0687260331a72403d909f105e69bcf0d32e1bd2493ffc6d9206d11bcd6770739" ] != 3) do={
:error "Anything is wrong with your certificates!";
}
/ file remove "letsencrypt.pem";
:foreach Script in={ "global-config"; "global-functions"; "script-updates" } do={
/ system script add name=$Script source=([ / tool fetch check-certificate=yes-without-crl ("https://git.eworm.de/cgit.cgi/routeros-scripts/plain/" . $Script) output=user as-value]->"data");
}
/ system script {
run global-config;
run global-functions;
}
/ system scheduler {
add name=global-config start-time=startup on-event=global-config;
add name=global-functions start-time=startup on-event=global-functions;
}
}