diff options
author | Christian Hesse <mail@eworm.de> | 2020-03-27 21:41:18 +0100 |
---|---|---|
committer | Christian Hesse <mail@eworm.de> | 2020-03-27 22:12:49 +0100 |
commit | e962fe91899c169525ea015d702135f0ba10b0e3 (patch) | |
tree | 93f4d57ddc1f7ce4e9b31112f03f61cca552b976 | |
parent | d08a342f06e268ef06e49f98e989db4ca26ec946 (diff) |
add doc/check-certificates.md
-rw-r--r-- | check-certificates | 1 | ||||
-rw-r--r-- | doc/check-certificates.md | 52 |
2 files changed, 53 insertions, 0 deletions
diff --git a/check-certificates b/check-certificates index 350adc7..b9c9075 100644 --- a/check-certificates +++ b/check-certificates @@ -3,6 +3,7 @@ # Copyright (c) 2013-2020 Christian Hesse <mail@eworm.de> # # check for certificate validity +# https://git.eworm.de/cgit/routeros-scripts/about/doc/check-certificates.md :global CertRenewPass; :global CertRenewUrl; diff --git a/doc/check-certificates.md b/doc/check-certificates.md new file mode 100644 index 0000000..51ecd14 --- /dev/null +++ b/doc/check-certificates.md @@ -0,0 +1,52 @@ +Renew certificates and notify on expiration +=========================================== + +[◀ Go back to main README](../README.md) + +Description +----------- + +This script tries to download and renew certificates, then notifies about +certificates that are still about to expire. + +Requirements and installation +----------------------------- + +Just install the script: + + $ScriptInstallUpdate check-certificates; + +Configuration +------------- + +The expiry notifications just require notification settings for e-mail and +telegram. + +For automatic download and renewal of certificates you need configuration +in `global-config-overlay`, these are the parameters: + +* `CertRenewPass`: an array of passphrases to try +* `CertRenewUrl`: the url to download certificates from + +Certificates on the web server should be named `CN.pem` (`PEM` format) or +`CN.p12` (`PKCS#12` format). + +Usage and invocation +-------------------- + +Just run the script: + + / system script run check-certificates; + +... or create a scheduler for periodic execution: + + / system scheduler add interval=1d name=check-certificates on-event="/ system script run check-certificates;" start-time=startup; + +See also +-------- + +* [Renew locally issued certificates](certificate-renew-issued.md) + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) |