Community discussions

MikroTik App
 
User avatar
chrisknight
just joined
Topic Author
Posts: 17
Joined: Wed Mar 09, 2022 9:24 pm

auto renew LetsEncrypt cert

Sat May 21, 2022 7:36 pm

Hi!
I'm editing my original post to ask for help. Is there a script to open TCP 80 to the Mikrotik, renew the LetsEncrypt cert, then close the port?

Also in the scheduler interval, is 00:00:00 hours:minutes:seconds? Can I just add 60:00:00:00 for days?
Thanks!
Last edited by chrisknight on Sat May 21, 2022 7:54 pm, edited 1 time in total.
 
msatter
Forum Guru
Forum Guru
Posts: 2897
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: auto renew LetsEncrypt cert

Sat May 21, 2022 8:22 pm

That would be 60d 00:00:00
 
innokentiy
just joined
Posts: 4
Joined: Thu Feb 16, 2012 9:04 am

Re: auto renew LetsEncrypt cert

Tue Jul 12, 2022 1:13 am

/system script add name=letsencrypt-renew policy=read,write source=":local dnsName \"PUT_YOUR_DNS_NAME_HERE\";\r\n/ip service enable [find name=\"www\"];\r\n/certificate remove [find common-name=\$dnsName];\r\n/certificate enable-ssl-certificate dns-name=\$dnsName;\r\n:delay 20s;\r\n/ip service disable [find name=\"www\"];"
/system scheduler add interval=9w name=letsencrypt-scheduled-renew on-event=letsencrypt-renew policy= read,write
 
lburton
just joined
Posts: 2
Joined: Sat Jul 23, 2022 2:21 pm

Re: auto renew LetsEncrypt cert

Sun Jul 24, 2022 12:44 am

I haven't directly tested this, but FWIW I did notice that you don't need to remove the certificate to get it to renew - it also seems to block so I'm pretty sure you can drop both the deletion and the sleep after renewal from the scheduled script. I did also update this thread with a solution with an L7 filter and to point back to this thread.
[admin@yourrouter] > /certificate enable-ssl-certificate dns-name=my.example.com
  progress: [success] ssl certificate updated
Modified it would look like:
/system script add name=letsencrypt-renew policy=read,write source=":local dnsName \"PUT_YOUR_DNS_NAME_HERE\";\r\n/ip service enable [find name=\"www\"];\r\n/certificate enable-ssl-certificate dns-name=\$dnsName;\r\n/ip service disable [find name=\"www\"];"
/system scheduler add interval=9w name=letsencrypt-scheduled-renew on-event=letsencrypt-renew policy= read,write
 
pincio
just joined
Posts: 7
Joined: Thu Aug 04, 2016 9:17 pm

Re: auto renew LetsEncrypt cert

Thu Dec 15, 2022 8:36 pm

If it would be helpful to you I wrote an auto-renewal script, you can find it @ https://github.com/pincioc/LetsEncrypt_OSScript

Ratings and comments are highly appreciated.

Mauro
 
markoz87
just joined
Posts: 7
Joined: Tue Apr 30, 2013 2:25 pm

Re: auto renew LetsEncrypt cert

Fri Sep 01, 2023 7:11 pm

Hello,

is there a way to also auto assign new certificate to SSTP server configured on Mikrotik?

Thank you!

Who is online

Users browsing this forum: aoravent, Google [Bot] and 23 guests