LogoLogo
  • RouterOS Scripts
  • Scripts
    • Forward log messages via notification
    • Mode button with multiple presses
    • Import SSH keys
    • Act on received SMS
    • Install LTE firmware upgrade
    • Visualize OSPF state via LEDs
    • Use wireless network with daily psk
    • Find and remove access list duplicates
    • Create DNS records for DHCP leases
    • Manage remote logging
    • Forward received SMS
    • Collect MAC addresses in wireless access list
    • Notify about health state
    • Update configuration on IPv6 prefix change
    • Renew certificates and notify on expiration
    • Renew locally issued certificates
    • Upload backup to server
    • Play Super Mario theme
    • Manage IP addresses with bridge status
    • Notify on LTE firmware upgrade
    • Run scripts on ppp connection
    • Run other scripts on DHCP lease
    • Update GRE configuration with dynamic addresses
    • Manage system update
    • Manage LEDs dark mode
    • Upload backup to Mikrotik cloud
    • Send GPS position to server
    • Rotate NTP servers
    • Manage ports in bridge
    • Update tunnelbroker configuration
    • Notify on host up and down
    • Notify on RouterOS update
    • Send notification with early errors
    • Use WPA2 network with hotspot credentials
    • Send backup via e-mail
    • Run rolling CAP upgrades from CAPsMAN
    • Wait for configuration und functions
    • Download packages for CAP upgrade from CAPsMAN
    • Comment DHCP leases with info from access list
  • Initial commands
  • COPYING
Powered by GitBook
On this page
  • Description
  • Requirements and installation
  • Configuration
  • Usage and invocation
  • See also

Was this helpful?

  1. Scripts

Renew certificates and notify on expiration

PreviousUpdate configuration on IPv6 prefix changeNextRenew locally issued certificates

Last updated 4 years ago

Was this helpful?

Description

This script tries to download and renew certificates, then notifies about certificates that are still about to expire.

Requirements and installation

Just install the script:

$ScriptInstallUpdate check-certificates;

Configuration

The expiry notifications just require notification settings for e-mail and telegram.

For automatic download and renewal of certificates you need configuration in global-config-overlay, these are the parameters:

  • CertRenewPass: an array of passphrases to try

  • CertRenewUrl: the url to download certificates from

Certificates on the web server should be named CN.pem (PEM format) or CN.p12 (PKCS#12 format).

Usage and invocation

Just run the script:

/ system script run check-certificates;

... or create a scheduler for periodic execution:

/ system scheduler add interval=1d name=check-certificates on-event="/ system script run check-certificates;" start-time=startup;

Alternatively running on startup may be desired:

/ system scheduler add name=check-certificates-startup on-event="/ system script { run global-wait; run check-certificates; }" start-time=startup;

See also

◀ Go back to main README
Renew locally issued certificates
◀ Go back to main README
▲ Go back to top