hi nomis,
sorry for the late respone.
well the idea is to have one managementinterface which is bound to the tr069 client which is already secured enough.
so i wonder if there is a way without any certificate to trust the cwmp server on any instances.
anyway i validated it with the root-CA. and it was working fine. - thank you very much at this point.
on more question regarding the RouterOS TR069 "client supported parameter reference document" (
https://wiki.mikrotik.com/tr069ref/current.html)
is it also available via xml? or can i get it directly from the device itself ? (if yes - how?)
i also understood
RPC Download option "1" for Firmware Upgrade pointed to an xml.
RPC Download option "3" Vendor Configuration file with any file extension.
can you please clarify the .alter file mechanism - is this something i tell the ROS to execute the downloaded file? (like a regular script?)
thank you for your great help!
christian