routeros-scripts/doc/check-certificates.md
2022-02-20 23:40:22 +01:00


Renew certificates and notify on expiration
===========================================

[◀ Go back to main README](../README.md)

> **Info**: This script cannot be used on its own but requires the base
> installation. See [main README](../README.md) for details.

Description
-----------

This script tries to download and renew certificates, then notifies about
certificates that are still about to expire.

### Sample notification

![check-certificates notification](check-certificates.d/notification.svg)

Requirements and installation
-----------------------------

Just install the script:

    $ScriptInstallUpdate check-certificates;

Configuration
-------------

The expiry notifications just require notification settings for e-mail,
[matrix](mod/notification-matrix.md) and/or
[telegram](mod/notification-telegram.md).

For automatic download and renewal of certificates you need configuration
in `global-config-overlay`. These are the parameters:

* `CertRenewPass`: an array of passphrases to try
* `CertRenewUrl`: the URL to download certificates from

Certificates on the web server should be named `CN.pem` (`PEM` format) or
`CN.p12` (`PKCS#12` format).
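
The server side of this naming convention, as an added example that is not part of the routeros-scripts project: a POSIX shell script that bundles a certificate and its key into `CN.p12` below the web root. It assumes `openssl` is installed, that the web root is the directory served at `CertRenewUrl`, and that the passphrase file holds one of the `CertRenewPass` entries; all function names are hypothetical.

```shell
#!/bin/sh
# Added example, not routeros-scripts code. Assumptions: openssl is installed,
# WEBROOT is the directory served at CertRenewUrl, and PASSFILE holds one of
# the passphrases listed in CertRenewPass. Function names are hypothetical.

# Print the subject CN of a PEM certificate.
cert_cn() {
  openssl x509 -in "$1" -noout -subject -nameopt multiline |
    sed -n 's/^ *commonName *= *//p' | head -n 1
}

# Accept only CNs that are safe as a file name below the web root.
# Conservative choice of this example: letters, digits, dot, dash, underscore,
# no leading dot (so no "." or ".." and no path separators).
safe_cn() {
  case "$1" in
    '' | .* | *[!A-Za-z0-9._-]*) return 1 ;;
  esac
}

# usage: publish_p12 CERT.pem KEY.pem PASSFILE WEBROOT
# Writes WEBROOT/CN.p12 (certificate plus private key, encrypted with the
# first line of PASSFILE) and prints the resulting path.
publish_p12() {
  cn=$(cert_cn "$1")
  safe_cn "$cn" || { echo "refusing CN '$cn'" >&2; return 1; }
  # -passout file: keeps the passphrase out of the process list.
  openssl pkcs12 -export -in "$1" -inkey "$2" -name "$cn" \
    -passout "file:$3" -out "$4/$cn.p12.tmp" || return 1
  # Rename only after a complete write, so a router never fetches half a file.
  mv "$4/$cn.p12.tmp" "$4/$cn.p12" || return 1
  echo "$4/$cn.p12"
}

# usage: verify_p12 FILE.p12 PASSFILE; succeeds if the passphrase opens it.
verify_p12() {
  openssl pkcs12 -in "$1" -noout -passin "file:$2" 2>/dev/null
}

if [ "$#" -eq 4 ]; then
  publish_p12 "$@"
fi
```

The resulting bundle contains the private key, so its protection on the web server and in transit rests on the strength of the passphrase.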

Usage and invocation
--------------------

Just run the script:

    / system script run check-certificates;

... or create a scheduler for periodic execution:

    / system scheduler add interval=1d name=check-certificates on-event="/ system script run check-certificates;" start-time=startup;

Alternatively running on startup may be desired:

    / system scheduler add name=check-certificates-startup on-event="/ system script run check-certificates;" start-time=startup;

See also
--------

* [Renew locally issued certificates](certificate-renew-issued.md)

---
[◀ Go back to main README](../README.md)
[▲ Go back to top](#top)