vaerh
commented
5 months ago :tada: This PR is included in version 1.47.0 :tada:
The release is available on GitHub release
Your semantic-release bot :package::rocket:
Closed stasjok closed 5 months ago
vaerh
commented
5 months ago :tada: This PR is included in version 1.47.0 :tada:
The release is available on GitHub release
Your semantic-release bot :package::rocket:
add-scepcommand)challenge_passwordparameter (present only with scep client)ForceNewis not enough onsignset. It need to be set on all elements or recreation won't workThere are still some quirks I found:
resource "routeros_system_certificate" "server_crt" { name = "Server-Certificate" common_name = "server.crt" key_usage = ["digital-signature", "key-encipherment", "tls-server"] sign { ca = routeros_system_certificate.root_ca.name } }
then there are errors that resource not found. It's because RouterOS removes all dependent certificates with a CA and the provider can't handle it for now.
certificate - allow to remove issued certificates when CRL is not used), but when CA certificate doen't have crl set. I didn't find a helper to check RouterOS version in the provider. But maybe it can be implemented simpler: just try to delete certificate, and in case there is an error, that certificate can only be revoked, then revoke it. It can be useful for changing certificate attributes without changing the name (otherwise there is a name conflict).