diff options
-rw-r--r-- | check-certificates | 1 | ||||
-rw-r--r-- | doc/check-certificates.md | 52 |
2 files changed, 53 insertions, 0 deletions
diff --git a/check-certificates b/check-certificates index 350adc7..b9c9075 100644 --- a/check-certificates +++ b/check-certificates @@ -3,6 +3,7 @@ # Copyright (c) 2013-2020 Christian Hesse <mail@eworm.de> # # check for certificate validity +# https://git.eworm.de/cgit/routeros-scripts/about/doc/check-certificates.md :global CertRenewPass; :global CertRenewUrl; diff --git a/doc/check-certificates.md b/doc/check-certificates.md new file mode 100644 index 0000000..51ecd14 --- /dev/null +++ b/doc/check-certificates.md @@ -0,0 +1,52 @@ +Renew certificates and notify on expiration +=========================================== + +[◀ Go back to main README](../README.md) + +Description +----------- + +This script tries to download and renew certificates, then notifies about +certificates that are still about to expire. + +Requirements and installation +----------------------------- + +Just install the script: + + $ScriptInstallUpdate check-certificates; + +Configuration +------------- + +The expiry notifications just require notification settings for e-mail and +telegram. + +For automatic download and renewal of certificates you need configuration +in `global-config-overlay`, these are the parameters: + +* `CertRenewPass`: an array of passphrases to try +* `CertRenewUrl`: the url to download certificates from + +Certificates on the web server should be named `CN.pem` (`PEM` format) or +`CN.p12` (`PKCS#12` format). + +Usage and invocation +-------------------- + +Just run the script: + + / system script run check-certificates; + +... or create a scheduler for periodic execution: + + / system scheduler add interval=1d name=check-certificates on-event="/ system script run check-certificates;" start-time=startup; + +See also +-------- + +* [Renew locally issued certificates](certificate-renew-issued.md) + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) |