Created
March 15, 2023 14:33
A script to copy a LetsEncrypt wildcard certificate to a MikroTik router
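#!/bin/bash
#
# Copy a renewed Let's Encrypt certificate and private key to a MikroTik
# router and import them there.
#
# The script compares the .pem files in the live directory with the checksums
# recorded in pem.md5. When they differ (or pem.md5 does not exist yet) it
# uploads cert.pem and privkey.pem over scp, removes the router's old
# certificate entries and imports the new pair. The checksum file is refreshed
# only after every step succeeded, so a failed run is retried on the next
# invocation instead of being recorded as "deployed".
#
# MD5 is used here only to notice that local files changed; it is not an
# integrity or authenticity control.
#
# NOTE(review): this logs in as the router's "admin" user with root's SSH key.
# A dedicated RouterOS account limited to what the import needs would reduce
# the impact of a compromise of this host - confirm the required policies.
# NOTE(review): privkey.pem is uploaded to the router's file store and this
# script does not delete it after the import; consider removing the uploaded
# files once the import has succeeded.

set -u

certPath=/etc/letsencrypt/live/steenkamps.org
pemFiles=("$certPath"/*.pem)
pemMd5=$certPath/pem.md5
cert=cert.pem
key=privkey.pem
sshIdentity=/root/.ssh/id_rsa
mikrotikUser=admin
mikrotikIp=192.168.1.254
target="$mikrotikUser@$mikrotikIp"

# Print a message on stderr and stop with a failure status.
fail() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Nothing to do while the recorded checksums still match the files on disk.
if md5sum --status -c "$pemMd5"; then
  echo "Certificates still valid"
  exit 0
fi

echo "Pem files changed"

# An unmatched glob stays literal; catch that before anything is uploaded.
[[ -e "${pemFiles[0]}" ]] || fail "No .pem files found in $certPath"

if ! scp -i "$sshIdentity" -q "$certPath/$cert" "$certPath/$key" "$target:/"; then
  fail "Unable to upload cert/key files"
fi
echo "Files uploaded"

# The remote command strings are RouterOS CLI, passed through unchanged.
if ! ssh -i "$sshIdentity" "$target" "/certificate remove [/certificate find where name~\"${cert}*\"]"; then
  fail "Unable to remove old certificate"
fi
echo "Old certificates removed"

if ! ssh -i "$sshIdentity" "$target" "/certificate import file-name=${cert} passphrase=\"\" ; /certificate import file-name=${key} passphrase=\"\""; then
  fail "Unable to install new certificate"
fi
echo "New certificates installed"

# Record the new baseline last: writing it before the upload would make a
# failed deployment look current on the next run and leave the router with
# the old certificate until the following renewal.
if ! md5sum "${pemFiles[@]}" > "$pemMd5"; then
  fail "Certificate installed, but unable to update $pemMd5"
fi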