aboutsummaryrefslogtreecommitdiffstats
path: root/INITIAL-COMMANDS.md
diff options
context:
space:
mode:
authorGravatar Christian Hesse <mail@eworm.de>2023-10-26 11:52:50 +0200
committerGravatar Christian Hesse <mail@eworm.de>2023-10-26 22:15:05 +0200
commit8f75c17e0be4835f216b9cb7aaf697182346f4c9 (patch)
tree9a977f3c81a2c1db14a9aa4fa0217624894cfd65 /INITIAL-COMMANDS.md
parent61834297d7380cf2b211b557f1b10f45150aa1ea (diff)
global: switch eworm.de to new certificate chain (E1 / ISRG Root X2)
old chain: R3 / ISRG Root X1 new chain: E1 / ISRG Root X2 No user interaction or migration is required for existing installations as we install 'E1' and 'ISRG Root X2' for some time already.
Diffstat (limited to 'INITIAL-COMMANDS.md')
-rw-r--r--INITIAL-COMMANDS.md12
1 files changed, 6 insertions, 6 deletions
diff --git a/INITIAL-COMMANDS.md b/INITIAL-COMMANDS.md
index a53ae0f..da951aa 100644
--- a/INITIAL-COMMANDS.md
+++ b/INITIAL-COMMANDS.md
@@ -10,13 +10,13 @@ Initial commands
Run the complete base installation:
{
- /tool/fetch "https://git.eworm.de/cgit/routeros-scripts/plain/certs/R3.pem" dst-path="letsencrypt-R3.pem" as-value;
+ /tool/fetch "https://git.eworm.de/cgit/routeros-scripts/plain/certs/E1.pem" dst-path="letsencrypt-E1.pem" as-value;
:delay 1s;
- /certificate/import file-name=letsencrypt-R3.pem passphrase="";
- :if ([ :len [ /certificate/find where fingerprint="67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd" or fingerprint="96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6" ] ] != 2) do={
+ /certificate/import file-name=letsencrypt-E1.pem passphrase="";
+ :if ([ :len [ /certificate/find where fingerprint="46494e30379059df18be52124305e606fc59070e5b21076ce113954b60517cda" or fingerprint="69729b8e15a86efc177a57afb7171dfc64add28c2fca8cf1507e34453ccb1470" ] ] != 2) do={
:error "Something is wrong with your certificates!";
};
- /file/remove "letsencrypt-R3.pem";
+ /file/remove "letsencrypt-E1.pem";
:delay 1s;
:foreach Script in={ "global-config"; "global-config-overlay"; "global-functions" } do={
/system/script/add name=$Script source=([ /tool/fetch check-certificate=yes-without-crl ("https://git.eworm.de/cgit/routeros-scripts/plain/" . $Script . ".rsc") output=user as-value]->"data");
@@ -24,8 +24,8 @@ Run the complete base installation:
/system/script { run global-config; run global-functions; };
/system/scheduler/add name="global-scripts" start-time=startup on-event="/system/script { run global-config; run global-functions; }";
:global CertificateNameByCN;
- $CertificateNameByCN "R3";
- $CertificateNameByCN "ISRG Root X1";
+ $CertificateNameByCN "E1";
+ $CertificateNameByCN "ISRG Root X2";
};
Then continue setup with