Compare commits

..

No commits in common. "460508c931f19d8e755d9ed22e2adff890f1cd65" and "fa16e797469b81e50867f2f6b0093c6e51229d67" have entirely different histories.

5 changed files with 9 additions and 13 deletions

View file

@ -16,7 +16,7 @@ DOMAINS_DUAL = \
gitlab.com/USERTrust-RSA-Certification-Authority \
lists.blocklist.de/GTS-Root-R4 \
matrix.org/GTS-Root-R4 \
raw.githubusercontent.com/ISRG-Root-X1 \
raw.githubusercontent.com/USERTrust-RSA-Certification-Authority \
rsc.eworm.de/Root-YE \
upgrade.mikrotik.com/ISRG-Root-X1
DOMAINS_IPV4 = \

View file

@ -60,8 +60,8 @@
http-header-field=({ [ $FetchUserAgentStr $ScriptName ] }) \
($CertRenewUrl . $CertFileName) dst-path=$CertFileName as-value;
} do={
:if (!($Err ~ "[Ss]tatus 404")) do={
$LogPrint warning $0 ("Failed fetching certificate by '" . $FetchName . "': " . $Err);
:if ($Err != "Fetch failed with status 404") do={
$LogPrint warning $0 ("Failed fetching certificate: " . $Err);
}
:error false;
}
@ -177,11 +177,9 @@
$LogPrint info $ScriptName ("Attempting to renew certificate '" . ($CertVal->"name") . "'.");
:local ImportSuccess false;
:if ([ :len ($CertVal->"common-name") ] > 0) do={
:set LastName ($CertVal->"common-name");
:set FetchName $LastName;
:set ImportSuccess [ $CheckCertificatesDownloadImport $ScriptName $LastName $FetchName ];
}
:set LastName ($CertVal->"common-name");
:set FetchName $LastName;
:set ImportSuccess [ $CheckCertificatesDownloadImport $ScriptName $LastName $FetchName ];
:foreach SAN in=($CertVal->"subject-alt-name") do={
:if ($ImportSuccess = false) do={
:set LastName [ :pick $SAN ([ :find $SAN ":" ] + 1) [ :len $SAN ] ];

View file

@ -85,7 +85,7 @@ Given you have a certificate on you server, you can use `check-certificates`
for the initial import. Just create a *dummy* certificate with short lifetime
that matches criteria to be renewed:
/certificate/add name="example.com" common-name="example.com" subject-alt-name="DNS:example.com" days-valid=1;
/certificate/add name=example.com common-name=example.com days-valid=1;
/certificate/sign example.com;
/system/script/run check-certificates;

View file

@ -115,7 +115,7 @@
# cert="Root YE" };
{ url="https://raw.githubusercontent.com/stamparm/ipsum/refs/heads/master/levels/4.txt";
# # higher level (decrease the numerical value) for more addresses, and vice versa
cert="ISRG Root X1" };
cert="USERTrust RSA Certification Authority" };
{ url="https://www.dshield.org/block.txt"; cidr="/24";
cert="GTS Root R4" };
{ url="https://lists.blocklist.de/lists/strongips.txt";

View file

@ -1290,9 +1290,7 @@
}
:foreach Script in=$Scripts do={
:if ([ :len [ /system/script/find where name=$Script ] ] > 0) do={
$LogPrint warning $0 ("Requested to add script '" . $Script . "', but that exists already!");
} else={
:if ([ :len [ /system/script/find where name=$Script ] ] = 0) do={
$LogPrint info $0 ("Adding new script: " . $Script);
/system/script/add name=$Script owner=$Script source="#!rsc by RouterOS\n" comment=$NewComment;
}