Since I want to start monitoring the switch using its REST API, I want to set up the web interface with HTTPS support.
I have found countless self-signed certificate tutorials, but none on how to import your AD Certificate Authority root cert and a certificate from that CA.
I imported the root cert, but it’s treated like a regular certificate, and its CA CRL Host and CA values are empty.
Under the CRL tab, I was able to add the CRL separately, so I guess this worked, but it seems the certificate doesn’t know anything about it.
Update
I was looking for the REST API documentation under RouterOS. Does SwOS even have a REST API?
I’m trying to add my switch to my Homepage dashboard.
You should import in order the CA, any intermediate certificates, the certificate and key you have generated for the device. You can import individual CRT or PEM certificates / keys, or a PKCS#12 bundle, you may have to mark the certificates as trusted. IIRC the A flag is not set for imported CAs, only locally generated ones.
SwOS is very basic - no proper encryption (basic digest HTTP authentication, no HTTPS, no SNMPv3, plaintext password in config files) and no API. Various people have reverse engineered the web interface data fields but this may change between firmware versions.
As it is dual-boot just use RouterOS rather than SwOS. Once you have sorted out importing certificates it should do everything you need using REST API - RouterOS - MikroTik Documentation or standard SNMP MIBs for monitoring
No, despite being called RouterOS you can configure devices using it as pure switches - a single bridge with all of the ethernet interfaces as members, a DHCP client or static address and default route provides IP management access. You can then also use any of the other functionality RouterOS provides as desired.
