aboutsummaryrefslogtreecommitdiffstats
path: root/check-certificates
AgeCommit message (Expand)AuthorFilesLines
2019-07-18check-certificates: use $ParseKeyValueStoreGravatar Christian Hesse1-11/+3
2019-05-21check-certificates: get certificate values into arrayGravatar Christian Hesse1-43/+28
2019-05-02check-certificates: do not try to renew locally issued certificatesGravatar Christian Hesse1-1/+1
2019-05-02check-certificates: give issuer info on locally issued certificates•••Certificates issued locally do not have an 'issuer' property, but a 'ca' one. Looks like either of both is filled, so just concatenate. Gravatar Christian Hesse1-1/+2
2019-04-30global-functions: add $WaitForFile, wait for file on fetch•••The fetch command is asynchronous, the file is not guaranteed to be available when command terminates. I opened an issue at Mikrotik support (Ticket#2019041722004999), their answer: > You should perform a check in a loop. > :delay until file exist > > That can happen also with any configuration not just files. So add a function to wait for a file with given name. I have not seen this with other configuration, though. Gravatar Christian Hesse1-1/+4
2019-04-11check-certificates: make sure fingerprint is a string•••This makes sure the condition below works for certificate templates, which do not have a fingerprint. Gravatar Christian Hesse1-1/+1
2019-04-11check-certificates: do not send notification for templatesGravatar Christian Hesse1-1/+1
2019-04-11check-certificates: always return a string in $GetIssuerCNGravatar Christian Hesse1-0/+1
2019-04-10check-certificates: add url encoding for certificate downloadGravatar Christian Hesse1-4/+6
2019-04-10check-certificates: try to fetch PEM and P12 fileGravatar Christian Hesse1-4/+10
2019-04-10check-certificates: use full path...•••... to make sure syntax does not break if package is not installed. Gravatar Christian Hesse1-3/+3
2019-04-10check-certificates: just change certificates, no loopGravatar Christian Hesse1-12/+4
2019-04-09drop deprecated mode= for fetchGravatar Christian Hesse1-1/+1
2019-04-03always write warnings and errors to logGravatar Christian Hesse1-0/+1
2019-04-01check-certificates: support multiple passphraseschange-3Gravatar Christian Hesse1-1/+3
2019-03-28check-certificates: show remaining timeGravatar Christian Hesse1-8/+16
2019-03-25check-certificates: update certificates for ipsec identitiesGravatar Christian Hesse1-1/+12
2019-03-06check-certificates: split loop for certificate renew and warning•••This allows to have differnt time values. Gravatar Christian Hesse1-20/+27
2019-01-12check-certificates: strip prefix from issuer CNGravatar Christian Hesse1-1/+1
2019-01-12check-certificates: properly handle expired certificatesGravatar Christian Hesse1-4/+11
2019-01-09check-certificates: move conditions to loopGravatar Christian Hesse1-60/+50
2019-01-09check-certificates: shorten key for detailed infosGravatar Christian Hesse1-10/+10
2019-01-09check-certificates: show issuer CN onlyGravatar Christian Hesse1-2/+11
2019-01-09check-certificates: include the issuer in notificationsGravatar Christian Hesse1-0/+4
2019-01-09check-certificates: update CommonName after renewalGravatar Christian Hesse1-0/+1
2019-01-09check-certificates: use time functionality•••No need to calculate that... Gravatar Christian Hesse1-25/+10
2019-01-09check-certificates: send notification on renewalGravatar Christian Hesse1-8/+18
2019-01-09check-certificates: drop extra warning•••A sent notification implies that renewal failed. Gravatar Christian Hesse1-2/+0
2019-01-04global: variable names are CamelCase••• ___ _ ___ __ / _ )(_)__ _ / _/__ _/ /_ / _ / / _ `/ / _/ _ `/ __/ /____/_/\_, / /_/ \_,_/\__/ _ __ /___/ _ __ | | / /___ __________ (_)___ ____ _/ / | | /| / / __ `/ ___/ __ \/ / __ \/ __ `/ / | |/ |/ / /_/ / / / / / / / / / / /_/ /_/ |__/|__/\__,_/_/ /_/ /_/_/_/ /_/\__, (_) /____/ RouterOS has some odd behavior when it comes to variable names. Let's have a look at the interfaces: [admin@MikroTik] > / interface print where name=en1 Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU 0 RS en1 ether 1500 1598 That looks ok. Now we use a script: { :local interface "en1"; / interface print where name=$interface; } And the result... [admin@MikroTik] > { :local interface "en1"; {... / interface print where name=$interface; } Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU 0 RS en1 ether 1500 1598 ... still looks ok. We make a little modification to the script: { :local name "en1"; / interface print where name=$name; } And the result: [admin@MikroTik] > { :local name "en1"; {... / interface print where name=$name; } Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU 0 RS en1 ether 1500 1598 1 S en2 ether 1500 1598 2 S en3 ether 1500 1598 3 S en4 ether 1500 1598 4 S en5 ether 1500 1598 5 R br-local bridge 1500 1598 Ups! The filter has no effect! That happens whenever the variable name ($name) matches the property name (name=). And another modification: { :local type "en1"; / interface print where name=$type; } And the result: [admin@MikroTik] > { :local type "en1"; {... / interface print where name=$type; } Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU Ups! Nothing? Even if the variable name ($type) matches whatever property name (type=) things go wrong. The answer from MikroTik support (in Ticket#2019010222000454): > This is how scripting works in RouterOS and we will not fix it. To get around this we use variable names in CamelCase. Let's hope Mikrotik never ever introduces property names in CamelCase... *fingers crossed* Gravatar Christian Hesse1-47/+46
2019-01-02update copyright for 2019Gravatar Christian Hesse1-1/+1
2018-12-20check-certificates: support auto-renew of certificatesGravatar Christian Hesse1-10/+44
2018-11-28global-functions: add identity tag in $SendNotification•••... and send subject in telegram message. Gravatar Christian Hesse1-1/+1
2018-10-10global: remove unused variablesGravatar Christian Hesse1-2/+0
2018-10-09check-certificates: use function for notificationGravatar Christian Hesse1-3/+4
2018-09-27start scripts with a magic token / shebangGravatar Christian Hesse1-1/+1
2018-08-24add empty comment at first line...•••... for better formatting in export. Gravatar Christian Hesse1-0/+1
2018-07-05add scriptsGravatar Christian Hesse1-0/+52