We can use the WinBox tool when we want to work more comfortably. However, even such poor view can be helpful when working with small number of certificates. The output can be very confusing as the columns are truncated on predefined widths. The router will print the list of all installed certificates. When you want to check for an already installed certificates just type following command: certificate print You should see there that one certificate is imported. Therefore, read carefully the response from the command. However, if something is wrong (format of the file or the password), then the import of the certificate will fail. ![]() Therefore, our command will be: certificate import file-name=ca.crtĪs we protected our CA certificate with a password (or even better passphrase), we must provide the correct password to enable importing of the certificate. Where the certname.crt is the name of the certificate we need to import. I will import in this example the root CA certificate from the command line.Ĭommand for importing certificates is: certificate import file-name=certname.crt If you prefer to work from the command line or if working over a slow link, you can finish the whole job with a few commands. We need to upload those files on the router we can utilize the Mikrotik WinBox built-in file transfer capability or FTP session with the router. More importantly, if we are working with a third party CA root certificate we will never have access to it. We will never use a private key for the root CA certificate. Our list of the ingredients is very short. ) If you need instructions for other platforms, you can check the following documents: We can work from the command line or from WinBox GUI. The procedure described here is the same for any version of Mikrotik RouterOS, from 3.30 to 6.36.3. Moreover, this process is the same regardless how we obtain those certificates. ![]() ![]() For small installations, we will use the self-signed CA infrastructure. We need certificates for specific VPN technologies, including Microsoft SSTP and OpenVPN tunnels.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |