I've developed a certbot deploy-hook script to automate deploying certificates to RouterOS devices and wanted to share it with the community.
I created this as an alternative to the built-in ACME client, which I found to be limited and has a broken External Account Binding (EAB) mechanism. This script leverages the full power of certbot for more reliable and flexible certificate management.
Key Features:
-
Automated Deployment & Renewal: Seamlessly deploys new and renewed certificates managed by
certbotto your MikroTik devices. -
Service Integration: Automatically updates the
www-ssl,api-ssl, and specified Hotspot service profiles to use the new certificate. -
Automatic Cleanup: Manages the removal of old, expired certificates from the router to prevent clutter.
You can find the script and full instructions on GitHub: https://github.com/karrots/mikrotik-certbot
I hope this is useful for others facing similar challenges. Feedback and contributions are welcome!