RouterBoard MikroTik
De Linuxmemo.
(Différences entre les versions)
(Page créée avec « Catégorie:hardware ») |
|||
| Ligne 1 : | Ligne 1 : | ||
[[Catégorie:hardware]] | [[Catégorie:hardware]] | ||
| + | ==how to generate SSL certificate and enable HTTPS== | ||
| + | https://blog.a2o.si/2015/08/11/mikrotik-how-to-generate-ssl-certificate-and-enable-https/ | ||
| + | |||
| + | 1. Create CA certificate first: | ||
| + | /certificate add name=my-rtr-ca common-name=my-rtr-ca key-usage=key-cert-sign,crl-sign | ||
| + | 2. Sign the CA certificate: | ||
| + | /certificate sign my-rtr-ca | ||
| + | 3. Now create a regular certificate for HTTPS access: | ||
| + | /certificate add name=my-rtr common-name=my-rtr | ||
| + | 4. Sign it with CA from steps 1&2: | ||
| + | /certificate sign ca=my-rtr-ca my-rtr | ||
| + | OPTIONAL: Mark it as trusted (I did not need to do this, but internets beg to differ:): | ||
| + | /certificate set trusted=yes my-rtr-ca | ||
| + | /certificate set trusted=yes my-rtr | ||
| + | 5. And finally, assign the new certificate to HTTPS service: | ||
| + | /ip service set www-ssl certificate=my-rtr | ||
Version du 21 novembre 2016 à 13:53
how to generate SSL certificate and enable HTTPS
https://blog.a2o.si/2015/08/11/mikrotik-how-to-generate-ssl-certificate-and-enable-https/
1. Create CA certificate first: /certificate add name=my-rtr-ca common-name=my-rtr-ca key-usage=key-cert-sign,crl-sign 2. Sign the CA certificate: /certificate sign my-rtr-ca 3. Now create a regular certificate for HTTPS access: /certificate add name=my-rtr common-name=my-rtr 4. Sign it with CA from steps 1&2: /certificate sign ca=my-rtr-ca my-rtr OPTIONAL: Mark it as trusted (I did not need to do this, but internets beg to differ:): /certificate set trusted=yes my-rtr-ca /certificate set trusted=yes my-rtr 5. And finally, assign the new certificate to HTTPS service: /ip service set www-ssl certificate=my-rtr
