Hi. Can someone help me to import a certificate with a script.
biggest problem, if the certificate expires, then all my SSTP tunnels close, and my clients devices are country wide, worst fear! and the tunnel is the only way to connect to the routers
I need a script to install the new certificate before the old one expires, everything with scripts
How many routers are there to update, and what is your time frame?
Trying to develop an automated system using the API or SSH could be a large and in-depth project, depending on how automated you want the process, and how you want to accomplish the task.
well, I have a couple 750’s connected to a 1100, so I just want to setup scripts on the 1100 to upload a script to the 750 and then run it on the 750 to update, because my certificate expires in 10 years so I want to upload a new certificate every year, I’ve got 10x 750’s on remote places and the amount is growing, all connected over a sstp tunnels
Because the certificate passphrase can’t be entered in a script, you’ll have to use one of the other options mentioned earlier.
I would use a central server with access to all the routers. It would schedule the uploading of the new certificates and run the necessary API commands to the routers. The nice thing about the API is that there are a number of different implementations, so you have options to choose from.
but ofcourse it wont do anything coz it needs a passphase, is there a way, i can add something in the script so that it can enter the passphase without thinking about it?
I tried that too but there doesn’t appear to be any way to enter the passphrase after the fact. If you want that feature, you could start a new forum post as a feature request, or email MikroTik support about it.