mirror/eworm-de-routeros-scripts
1
0
Fork 0
mirror of https://github.com/eworm-de/routeros-scripts.git synced 2024-05-11 05:55:19 +00:00
Code Releases Activity

check-certificates: exclude issued certificates on SCEP server

Browse Source
This commit is contained in:
Christian Hesse
2020-04-24 14:26:00 +02:00
parent 1e12c0e159
commit 85f9c5d62e
1 changed files with 20 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
check-certificates
View File

@ -100,6 +100,9 @@
:foreach Cert in=[ / certificate find where !revoked !scep-url expires-after<2w fingerprint~"." ] do={
:local CertVal [ / certificate get $Cert ];
:if ([ / certificate scep-server print count-only where ca-cert=($CertVal->"ca") ] > 0) do={
$LogPrintExit debug ("Certificate \"" . ($CertVal->"name") . "\" is handled by SCEP, skipping.") false;
} else={
:local ExpiresAfter [ $FormatExpire ($CertVal->"expires-after") ];
:local State "is about to expire";
:if (($CertVal->"expired") = true) do={
@ -117,4 +120,5 @@
"Expires in: " . $ExpiresAfter);
$LogPrintExit warning ("The certificate " . ($CertVal->"name") . " " . $State . \
", it is invalid after " . ($CertVal->"invalid-after") . ".") false;
}
}