From 04b7b1f3b58eab5c8689b3ab8ba23d9f9bfb7838 Mon Sep 17 00:00:00 2001
From: Christian Hesse <mail@eworm.de>
Date: Mon, 25 Mar 2019 16:49:26 +0100
Subject: check-certificates: update certificates for ipsec identities

---
 check-certificates | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/check-certificates b/check-certificates
index 9508f35..3a72440 100644
--- a/check-certificates
+++ b/check-certificates
@@ -39,12 +39,23 @@
       / ip service set $IpService certificate=$CertNameNew;
     }
 
+    :do {
+      :foreach Identity in=[ / ip ipsec identity find where certificate=$CertName ] do={
+        / ip ipsec identity set $Identity certificate=$CertNameNew;
+      }
+      :foreach Identity in=[ / ip ipsec identity find where remote-certificate=$CertName ] do={
+        / ip ipsec identity set $Identity remote-certificate=$CertNameNew;
+      }
+    } on-error={
+      :log debug ("Setting IPSEC certificates failed. Package 'security' not installed?");
+    }
+
     :do {
       :foreach Hotspot in=[ / ip hotspot profile find where ssl-certificate=$CertName ] do={
         / ip hotspot profile set $Hotspot ssl-certificate=$CertNameNew;
       }
     } on-error={
-      :log debug ("Setting hotspot certificates failed. Hotspot package not installed?");
+      :log debug ("Setting hotspot certificates failed. Package 'hotspot' not installed?");
     }
 
     / certificate remove $Cert;
-- 
cgit v1.2.3-54-g00ecf