mirror.MikroTik/nymurbd.MikroTik-scripts
1
0
Fork 0
mirror of https://github.com/nymurbd/MikroTik-scripts.git synced 2025-06-30 05:04:28 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
nymurbd.MikroTik-scripts/doc/check-certificates.md
Michael Gisbers 8375673d93 global-functions: implement notifications via Matrix 
Matrix is an open network for secure, decentralized communication - and
it has a web api.

A warning on message type: Using 'm.notice' breaks rendering on Element
for Android (no fixed width font) and does not pop up desktop
notification. Thus we use 'm.text'. Should be safe as we do not send the
messages in response to other messages.

https://matrix.org/
2021-06-08 21:07:25 +02:00

59 lines
1.6 KiB
Markdown
Raw Blame History

Renew certificates and notify on expiration
===========================================
[◀ Go back to main README](../README.md)
🛈 This script can not be used on its own but requires the base installation.
See [main README](../README.md) for details.
Description
-----------
This script tries to download and renew certificates, then notifies about
certificates that are still about to expire.
Requirements and installation
-----------------------------
Just install the script:
$ScriptInstallUpdate check-certificates;
Configuration
-------------
The expiry notifications just require notification settings for e-mail,
matrix and/or telegram.
For automatic download and renewal of certificates you need configuration
in `global-config-overlay`, these are the parameters:
* `CertRenewPass`: an array of passphrases to try
* `CertRenewUrl`: the url to download certificates from
Certificates on the web server should be named `CN.pem` (`PEM` format) or
`CN.p12` (`PKCS#12` format).
Usage and invocation
--------------------
Just run the script:
/ system script run check-certificates;
... or create a scheduler for periodic execution:
/ system scheduler add interval=1d name=check-certificates on-event="/ system script run check-certificates;" start-time=startup;
Alternatively running on startup may be desired:
/ system scheduler add name=check-certificates-startup on-event="/ system script run check-certificates;" start-time=startup;
See also
--------
* [Renew locally issued certificates](certificate-renew-issued.md)
---
[◀ Go back to main README](../README.md)
[▲ Go back to top](#top)
Reference in a new issue View git blame Copy permalink