Let's Encrypt certificates for RouterOS / Mikrotik

Docker container to automatically request Let's encrypt certificates and deploy them to a Mikrotik device as sstp-server, www-ssl and api-ssl certificate.

Forked from gitpel/letsencrypt-routeros with added Docker and Cloudflare (DNS) support.

Put your cloudflare API key with DNS:edit permissions into a file:

cp secrets/cloudflare-creds.example.ini secrets/cloudflare-creds.ini
chmod 600 secrets/cloudflare-creds.ini
vim secrets/cloudflare-creds.ini

Write the Mikrotik device's SSH hostkey to a file that can be mounted inside the container.

ssh-keyscan mikrotik.local > known_hosts

Edit docker-compose.yml, adapt configuration to your environment:

cp docker-compose.example.yml docker-compose.yml
vim docker-compose.yml

Generate SSH Key for RouterOS

ssh-keygen -f secrets/id_rsa -N ""

Copy SSH Key to RouterOS / Mikrotik

scp secrets/id_rsa.pub admin@mikrotik.local:

Make sure you have created an additional user (called "certbot" here) and enabled ssh.

/user ssh-keys import user=certbot public-key-file=id_rsa.pub

docker-compose build
docker-compose up -d