I need to reach Mikrotik via REST APIs form an online server where I can only upload a .crt and .key files for the client certificate, not even the passphrase.
I was able to bypass the passphrase problem by using openssl to convert the .key with passphrase in one without it and this seems working,
Code: Select all
openssl rsa -in server.key -out server-nopass.key
I tried using the native Let'Encrypt integration in Mikrotik, downloaded the certificate and done the same to remove the passphrase. Imported the cert and key in server and then I get an error "unable to verify the first certificate".
I read online that I might be able to solve this by importing the fullchain.pem certificate. Is there a waypoint to get the fullchain.pem when generating the let's encrypt certificate directly in Mikrotik terminal?