There are CA certificates with identical CommonName out there... 🤪
Let's handle these.
[admin@MikroTik] > /certificate/print proplist=common-name,skid where common-name="GlobalSign";
Flags: T - TRUSTED
Columns: COMMON-NAME, SKID
# COMMON-NAME SKID
0 T GlobalSign 8FF04B7FA82E4524AE4D50FA639A8BDEE2DD1BBC
1 T GlobalSign 3DE629489BEA07CA21444A26DE6EDED283D09F59
2 T GlobalSign AE6C05A39313E2A2E7E2D71CD6C7F07FC86753A0
3 T GlobalSign 54B07BAD45B8E2407FFB0A6EFBBE33C93CA384D5
... for example from a module. Add a script `mod/symbols-extra` with
something like:
:global SymbolsExtra;
:set ($SymbolsExtra->"rocket") "\F0\9F\9A\80";
RouterOS is suffering a race condition, where a file exists, but its
properties are not (yet) available. This is handled in $WaitForFile.
This passes an interval of zero to $WaitForFile, as does not wait for
the file to exist, but wants to avoid the race only.
This (mostly) reverts commits 0e00a228d6
and e08bb2192d.
This is required for RouterOS 7.20beta4. That fixed recursive find for
files, and (again, or still?) suffers timing (and thus racing) issues
getting file properties.
This breaks RouterOS 7.20beta2 again, so that specific version is not
supported. Just update...
RouterOS 7.19 is suffering an issue with certificate store, where the
trust state is not available correctly. This effects certificates
imported a long time ago, with RouterOS 7.4 or older.
Fixing trust state for all certificates by re-setting the trust state...
(Reported as SUP-188791...)
... before reload. This should fix some corner cases where scripts ran
with broken configuration or functions.
Also do reload both - configuration and functions - to simplify the
function.
... for individual scripts. Just add it in comment with
"certificate=...". This also works on installtion:
$ScriptInstallUpdate new-script "base-url=..., certificate=...";
Closes: https://github.com/eworm-de/routeros-scripts/pull/97
We can not call $CertificateAvailable here, as that will most likely
cause an infinite loop. After all that's the certificate mkcert.org is
using. And it *is* available in this repository.
... which is a declared function, but has no code, intentionally. It can be
called as a no-op by default.
If you want this output set the function to be the same as $LogPrint:
:set LogPrintVerbose $LogPrint;
The file 'checksums.json' is generated when deploying to my web
server... This should speed up the update a lot as it reduces downloads
to a minimum. 🎉😁
