maska/letsencrypt-routeros
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update README.md

Browse Source
This commit is contained in:
Konstantin Gimpel 2017-11-28 15:23:10 +02:00 committed by GitHub
parent 63b6ff97ff
commit fe1d08e992
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 21 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
README.md
View File

@ -1,15 +1,17 @@
# Let's Encrypt RouterOS / Mikrotik # Let's Encrypt RouterOS / Mikrotik
**Let's Encrypt certificates for RouterOS / Mikrotik** **Let's Encrypt certificates for RouterOS / Mikrotik**
### How it's works: [![N|Solid](https://i.mt.lv/mtv2/logo.svg)](https://nodesource.com/products/nsolid)
* Dedicated Linux renew and Push certificates to RouterOS / Mikrotik
* After you renew your certificates using CertBot ### How it works:
* The script connects to your RouterOS / Mikrotik using DSA Key * Dedicated Linux renew and push certificates to RouterOS / Mikrotik
* After CertBot renew your certificates
* The script connects to RouterOS / Mikrotik using DSA Key (without password or user input)
* Delete previous certificate files * Delete previous certificate files
* Delete previous certificate * Delete the previous certificate
* Upload two new files: Certificate and Key * Upload two new files: **Certificate** and **Key**
* Import new certificate and key * Import **Certificate** and **Key**
* Change SSTP Server Settings to new certificate * Change **SSTP Server Settings** to use new certificate
* Delete certificate and key files form RouterOS / Mikrotik storage * Delete certificate and key files form RouterOS / Mikrotik storage
### Installation on Ubuntu 16.04 ### Installation on Ubuntu 16.04
@ -54,9 +56,9 @@ scp -P $ROUTEROS_SSH_PORT /opt/letsencrypt-routeros/id_dsa.pub "$ROUTEROS_USER"@
### Setup RouterOS / Mikrotik side ### Setup RouterOS / Mikrotik side
*Check that user is the same as in the settings file letsencrypt-routeros.settings* *Check that user is the same as in the settings file letsencrypt-routeros.settings*
*Check mikrotik ssh port in /ip services ssh* *Check Mikrotik ssh port in /ip services ssh*
*Check mikrotik firewall to accept on SSH port* *Check Mikrotik firewall to accept on SSH port*
```sh ```sh
:put "Enable SSH" :put "Enable SSH"
/ip service enable ssh /ip service enable ssh
@ -77,7 +79,7 @@ apt update
apt install certbot -y apt install certbot -y
``` ```
***In the first time you will need to create Certificates manually and put domain TXT record*** ***In the first time, you will need to create Certificates manually and put domain TXT record***
*follow CertBot instructions* *follow CertBot instructions*
```sh ```sh
@ -99,3 +101,11 @@ certbot certonly --preferred-challenges=dns --manual -d $DOMAIN --manual-public-
```sh ```sh
certbot certonly --preferred-challenges=dns --manual -d $DOMAIN --manual-public-ip-logging-ok --post-hook /opt/letsencrypt-routeros/letsencrypt-routeros.sh certbot certonly --preferred-challenges=dns --manual -d $DOMAIN --manual-public-ip-logging-ok --post-hook /opt/letsencrypt-routeros/letsencrypt-routeros.sh
``` ```
### Edit Script
You can easily edit script to execute your commands on RouterOS / Mikrotik after certificates renewal
---
Licence
MIT