mirror.MikroTik/eworm.routeros-scripts
1
0
Fork 0
mirror of https://git.eworm.de/cgit/routeros-scripts synced 2025-06-23 01:58:40 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

global-functions: $CertificateAvailable: fetch by CommonName

Browse source 
Now that we have a proper $UrlEncode function... Fetch certificates
by CommonName.

Also remove the PEM after import.
This commit is contained in:
Christian Hesse 2019-04-30 16:11:47 +02:00
parent 7f96e5c966
commit 42834e9de1
7 changed files with 15 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

19
global-functions
View file

@ -63,23 +63,26 @@
# check and import required certificates
:global CertificateAvailable do={
:local CommonName [ :tostr $1 ];
:local FileName ([ :tostr $2 ] . ".pem");
:global ScriptUpdatesBaseUrl;
:global ScriptUpdatesUrlSuffix;
:global UrlEncode;
:global WaitForFile;
:if ([ / certificate print count-only where common-name=$CommonName ] = 0) do={
:log info ("Certificate with CommonName " . $CommonName . \
" not available, downloading and importing.");
:do {
:local LocalFileName ($CommonName . ".pem");
:local UrlFileName ([ $UrlEncode $CommonName ] . ".pem");
/ tool fetch check-certificate=yes-without-crl \
($ScriptUpdatesBaseUrl . "certs/" . \
$FileName . $ScriptUpdatesUrlSuffix) \
dst-path=$FileName;
$WaitForFile $FileName;
/ certificate import file-name=$FileName passphrase="";
$UrlFileName . $ScriptUpdatesUrlSuffix) \
dst-path=$LocalFileName;
$WaitForFile $LocalFileName;
/ certificate import file-name=$LocalFileName passphrase="";
/ file remove $LocalFileName;
} on-error={
:log warning "Failed imprting certificate!";
}
@ -112,7 +115,7 @@
}
:if ([ :len $TelegramTokenId ] > 0 && [ :len $TelegramChatId ] > 0) do={
$CertificateAvailable "Go Daddy Secure Certificate Authority - G2" "godaddy";
$CertificateAvailable "Go Daddy Secure Certificate Authority - G2";
:do {
/ tool fetch check-certificate=yes-without-crl keep-result=no http-method=post \
("https://api.telegram.org/bot" . $TelegramTokenId . "/sendMessage") \
@ -132,7 +135,7 @@
:do {
:local Vendor;
$CertificateAvailable "Let's Encrypt Authority X3" "letsencrypt";
$CertificateAvailable "Let's Encrypt Authority X3";
:set Vendor ([ / tool fetch check-certificate=yes-without-crl \
("https://api.macvendors.com/" . [ :pick $Mac 0 8 ]) output=user as-value ]->"data");
:return $Vendor;
@ -178,7 +181,7 @@
:local PkgFile ($PkgName . "-" . $PkgVer . "-" . $PkgArch . ".npk");
:local PkgDest [ $CleanFilePath ($PkgDir . "/" . $PkgFile) ];
$CertificateAvailable "Let's Encrypt Authority X3" "letsencrypt";
$CertificateAvailable "Let's Encrypt Authority X3";
:do {
/ tool fetch check-certificate=yes-without-crl \
("https://upgrade.mikrotik.com/routeros/" . $PkgVer . "/" . $PkgFile) \