aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGravatar Christian Hesse <mail@eworm.de>2019-04-01 22:45:38 +0200
committerGravatar Christian Hesse <mail@eworm.de>2019-04-01 22:45:38 +0200
commit594aef2aab8cc14a2d87b9ce23f00429559588d6 (patch)
tree9b8038ec1de4cb3a28859a74c5a82ced87ceefd2
parent40201ac1ea8e27492587d0cebdd0d6b8c24b733a (diff)
check-certificates: support multiple passphraseschange-3
-rw-r--r--check-certificates4
-rw-r--r--global-config7
-rw-r--r--global-config.changes1
-rw-r--r--global-functions2
4 files changed, 10 insertions, 4 deletions
diff --git a/check-certificates b/check-certificates
index d463ed3..4c10a52 100644
--- a/check-certificates
+++ b/check-certificates
@@ -34,7 +34,9 @@
}
/ tool fetch mode=https check-certificate=yes-without-crl url=($CertRenewUrl . $CommonName . ".pem");
- / certificate import file-name=($CommonName . ".pem") passphrase=$CertRenewPass;
+ :foreach PassPhrase in=$CertRenewPass do={
+ / certificate import file-name=($CommonName . ".pem") passphrase=$PassPhrase;
+ }
/ file remove [ find where name=($CommonName . ".pem") ];
:local CertNew [ / certificate find where common-name=$CommonName fingerprint!=$FingerPrint expires-after>3w ];
diff --git a/global-config b/global-config
index 2a75b66..b57c212 100644
--- a/global-config
+++ b/global-config
@@ -6,7 +6,7 @@
# Make sure all configuration properties are up to date and this
# value is in sync with value in script 'global-functions'!
-:global GlobalConfigVersion 2;
+:global GlobalConfigVersion 3;
# This is used for DNS and backup file.
:global Domain "example.com";
@@ -97,4 +97,7 @@
# Use this for certificate auto-renew
:global CertRenewUrl "";
#:global CertRenewUrl "https://example.com/certificates/";
-:global CertRenewPass "v3ry-s3cr3t";
+:global CertRenewPass {
+ "v3ry-s3cr3t";
+ "4n0th3r-s3cr3t";
+}
diff --git a/global-config.changes b/global-config.changes
index 7c430dc..86a130f 100644
--- a/global-config.changes
+++ b/global-config.changes
@@ -5,4 +5,5 @@
:global GlobalConfigChanges {
1="moved variables from global-config to global-functions for independence";
2="variable names became CamelCase to work around scripting issues";
+ 3="variable for certificate renew passphrase became an array to support multiple passphrases";
};
diff --git a/global-functions b/global-functions
index 1145200..69f2c36 100644
--- a/global-functions
+++ b/global-functions
@@ -5,7 +5,7 @@
# global functions
# expected configuration version
-:global ExpectedConfigVersion 2;
+:global ExpectedConfigVersion 3;
# global variables not to be changed by user
:global SentRouterosUpdateNotification "-";