mirror.MikroTik/eworm.routeros-scripts
1
0
Fork 0
mirror of https://git.eworm.de/cgit/routeros-scripts synced 2025-07-17 17:42:29 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

certs: split checks for dual, ipv4 & ipv6...

Browse source 
... and check both if available.
This commit is contained in:
Christian Hesse 2025-01-30 22:16:49 +01:00
parent aa294b4c67
commit fcb5347e33
1 changed files with 34 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

48
certs/Makefile
View file

@ -1,32 +1,52 @@
# Makefile to check certificates # Makefile to check certificates
DOMAINS = \ CURL = curl \
1.1.1.1/DigiCert-Global-Root-G2 \ --capath /dev/null \
8.8.8.8/GTS-Root-R1 \ --connect-timeout 5 \
9.9.9.9/DigiCert-Global-Root-G3 \ --output /dev/null \
--silent
DOMAINS_DUAL = \
api.macvendors.com/GTS-Root-R4 \ api.macvendors.com/GTS-Root-R4 \
api.mullvad.net/ISRG-Root-X1 \
api.telegram.org/Go-Daddy-Root-Certificate-Authority-G2 \ api.telegram.org/Go-Daddy-Root-Certificate-Authority-G2 \
cloudflare-dns.com/DigiCert-Global-Root-G2 \ cloudflare-dns.com/DigiCert-Global-Root-G2 \
dns.google/GTS-Root-R1 \ dns.google/GTS-Root-R1 \
dns.quad9.net/DigiCert-Global-Root-G3 \ dns.quad9.net/DigiCert-Global-Root-G3 \
feodotracker.abuse.ch/GlobalSign \
git.eworm.de/ISRG-Root-X2 \ git.eworm.de/ISRG-Root-X2 \
ipv4.showipv6.de/ISRG-Root-X1 \
ipv4.tunnelbroker.net/Starfield-Root-Certificate-Authority-G2 \
ipv6.showipv6.de/ISRG-Root-X1 \
lists.blocklist.de/Certum-Trusted-Network-CA \ lists.blocklist.de/Certum-Trusted-Network-CA \
matrix.org/GTS-Root-R4 \ matrix.org/GTS-Root-R4 \
raw.githubusercontent.com/DigiCert-Global-Root-G2 \
rsc.eworm.de/ISRG-Root-X2 \
upgrade.mikrotik.com/ISRG-Root-X1
DOMAINS_IPV4 = \
1.1.1.1/DigiCert-Global-Root-G2 \
8.8.8.8/GTS-Root-R1 \
9.9.9.9/DigiCert-Global-Root-G3 \
api.mullvad.net/ISRG-Root-X1 \
feodotracker.abuse.ch/GlobalSign \
ipv4.showipv6.de/ISRG-Root-X1 \
ipv4.tunnelbroker.net/Starfield-Root-Certificate-Authority-G2 \
mkcert.org/ISRG-Root-X1 \ mkcert.org/ISRG-Root-X1 \
ntfy.sh/ISRG-Root-X1 \ ntfy.sh/ISRG-Root-X1 \
sslbl.abuse.ch/GlobalSign \ sslbl.abuse.ch/GlobalSign \
upgrade.mikrotik.com/ISRG-Root-X1 \
www.dshield.org/ISRG-Root-X1 \ www.dshield.org/ISRG-Root-X1 \
www.spamhaus.org/GTS-Root-R4 www.spamhaus.org/GTS-Root-R4
DOMAINS_IPV6 = \
[2606\:4700\:4700\:\:1111]/DigiCert-Global-Root-G2 \
[2001\:4860\:4860\:\:8888]/GTS-Root-R1 \
[2620\:fe\:\:9]/DigiCert-Global-Root-G3 \
ipv6.showipv6.de/ISRG-Root-X1
.PHONY: $(DOMAINS) .PHONY: $(DOMAINS_DUAL) $(DOMAINS_IPV4) $(DOMAINS_IPV6)
all: $(DOMAINS) all: $(DOMAINS_DUAL) $(DOMAINS_IPV4) $(DOMAINS_IPV6)
$(DOMAINS): $(DOMAINS_DUAL):
curl --output /dev/null --silent --connect-timeout 5 --capath /dev/null --cacert $(notdir $@).pem https://$(dir $@) $(CURL) -4 --cacert $(notdir $@).pem https://$(dir $@)
$(CURL) -6 --cacert $(notdir $@).pem https://$(dir $@)
$(DOMAINS_IPV4):
$(CURL) -4 --cacert $(notdir $@).pem https://$(dir $@)
$(DOMAINS_IPV6):
$(CURL) -6 --cacert $(notdir $@).pem https://$(dir $@)