From 0a4f4bf1d4ca57132838bbfbfbcae0e6b884ca1d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Mateusz=20Gruszczy=C5=84ski?=
 <mateusz.gruszczynski@firma.interia.pl>
Date: Mon, 27 Oct 2025 09:38:17 +0100
Subject: [PATCH] mikrotik services config

---
 certpusher.py | 33 +++++++++++++++++++++------------
 1 file changed, 21 insertions(+), 12 deletions(-)

diff --git a/certpusher.py b/certpusher.py
index 086fcf6..dcf2494 100644
--- a/certpusher.py
+++ b/certpusher.py
@@ -317,10 +317,10 @@ class MikroTikManager(SSHManager):
             
             # Certificate is current, check services
             logger.info("Certificate is current. Verifying services...")
-            
-            cert_name = "letsencrypt.pem_0"
+
+            cert_names = ["letsencrypt.pem_0", "letsencrypt", "letsencrypt.pem"]
             services_need_update = False
-            
+
             for service in services:
                 success, stdout, stderr = self.execute_command(
                     f'/ip service print where name="{service}"',
@@ -328,23 +328,32 @@ class MikroTikManager(SSHManager):
                 )
                 
                 if success and stdout:
-                    if f'certificate={cert_name}' not in stdout and 'certificate=letsencrypt' not in stdout:
-                        logger.warning(f"Service {service} not using correct certificate")
+                    logger.debug(f"Service {service} output:\n{stdout}")
+                    
+                    # Check if ANY of the expected certificate names appears in output
+                    # (works for both tabular and key=value format)
+                    cert_found = False
+                    for cert_name in cert_names:
+                        if cert_name in stdout:
+                            cert_found = True
+                            logger.info(f"✓ Service {service} using certificate: {cert_name}")
+                            break
+                    
+                    if not cert_found:
+                        logger.warning(f"Service {service} not using letsencrypt certificate")
                         services_need_update = True
-                    else:
-                        logger.info(f"✓ Service {service} properly configured")
                 else:
                     logger.warning(f"Could not check service {service}")
                     services_need_update = True
-            
+
             if services_need_update:
                 logger.info("Services need reconfiguration. Updating...")
-                self.configure_services(services, cert_name)
+                self.configure_services(services, "letsencrypt.pem_0")
                 return False
-            
-            logger.info("✓ Certificate and services are current. Skipping.")
+
+            logger.info("✓ Certificate and services are current.")
             return False
-                
+                            
         except Exception as e:
             logger.warning(f"Error checking: {e}")
             return True