This script tries to download and renew certificates, then notifies about certificates that are still about to expire.
Just install the script:
The expiry notifications just require notification settings for e-mail and telegram.
For automatic download and renewal of certificates you need configuration
global-config-overlay, these are the parameters:
CertRenewPass: an array of passphrases to try
CertRenewUrl: the url to download certificates from
Certificates on the web server should be named
PEM format) or
Just run the script:
/ system script run check-certificates;
... or create a scheduler for periodic execution:
/ system scheduler add interval=1d name=check-certificates on-event="/ system script run check-certificates;" start-time=startup;