Hi, A while after the question, but it can perhaps be of help to others. You need to set nsComment="Generated by RouterOS" on the CA certificate to get the "A" (authority) flag when importing it. Yes, that is the solution of "problem" ;-) OK, so config file needs to be...
I think I tried that too but didn't work. I also generated CA on the Routerboard itself, exported it, deleted CA, imported previous export and still didn't show A flag Gonna have to test on newer bugfix releases and will post results.
I have problem with CA certificate generated by openssl not getting recognized by RouterOS (since version 6.28 and later) as CA. The following command is used to generate CA: openssl req -new -newkey rsa:2048 -config openssl_mikrotik-capsman_v1.cnf -keyout ca.key -out ca.crt -nodes -x509 -days 3650 ...
Please tell me what is changed with SSL certificates, since 6.30 when I import my ca.crt it is being recognised as plain certificate, not CA. In versions prior to 6.30 the same ca.crt file is recognised as CA. Also, something is messed with "/tool fetch" which I use in dyndns updater scrip...
RouterOS auto upgrade script is broken, there is no more "current-version" and "latest-version" properties in "/system package update". Also if you issue "/system package check-for-updates without-paging" output will never stop. If you issue "/system pac...
RouterOS auto upgrade script is broken, there is no more "current-version" and "latest-version" properties in "/system package update". Also if you issue "/system package check-for-updates without-paging" output will never stop. If you issue "/system pack...