diff options
| author |  Christian Hesse <mail@eworm.de> | 2020-03-27 21:40:35 +0100 |
|---|---|---|
| committer | Christian Hesse <mail@eworm.de> | 2020-03-27 22:12:49 +0100 |
| commit | d08a342f06e268ef06e49f98e989db4ca26ec946 (patch) | |
| tree | 6455a5c0a8d439ae47d195cf1a9d7a58baf69978 | |
| parent | 77c1f6fd6324dc909ad4b69bdf4eb2083e4107d0 (diff) | |
add doc/certificate-renew-issued.md
| -rw-r--r-- | certificate-renew-issued | 1 | ||||
| -rw-r--r-- | doc/certificate-renew-issued.md | 47 |
2 files changed, 48 insertions, 0 deletions
diff --git a/certificate-renew-issued b/certificate-renew-issued index d5ff2c8..fe33b93 100644 --- a/certificate-renew-issued +++ b/certificate-renew-issued @@ -3,6 +3,7 @@ # Copyright (c) 2019-2020 Christian Hesse <mail@eworm.de> # # renew locally issued certificates +# https://git.eworm.de/cgit/routeros-scripts/about/doc/certificate-renew-issued.md :global CertIssuedExportPass; diff --git a/doc/certificate-renew-issued.md b/doc/certificate-renew-issued.md new file mode 100644 index 0000000..e460ce1 --- /dev/null +++ b/doc/certificate-renew-issued.md @@ -0,0 +1,47 @@ +Renew locally issued certificates +================================= + +[◀ Go back to main README](../README.md) + +Description +----------- + +This script renews certificates issued by a local certificate authority (CA). +Optionally the certificates are exported with individual passphrases for +easy pick-up. + +Requirements and installation +----------------------------- + +Just install the script: + + $ScriptInstallUpdate certificate-renew-issued; + +Configuration +------------- + +The configuration goes to `global-config-overlay`, there is just one +parameter: + +* `CertRenewPass`: an array holding individual passphrases for certificates + +Usage and invocation +-------------------- + +Run the script to renew certificates issued from a local CA. + + / system script run certificate-renew-issued; + +Only scripts with a remaining lifetime of three weeks or less are renewed. +The old certificate is revoked automatically. If a passphrase for a specific +certificate is given in `CertRenewPass` the certificate is exported and +PKCS#12 file (`cert-issued/CN.p12`) can be found on device's storage. + +See also +-------- + +* [Renew certificates and notify on expiration](check-certificates.md) + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) |