mikrotik check cert

certpusher.py

@@ -427,16 +427,38 @@ class MikroTikManager(SSHManager):
 
             logger.debug(f"Found certificates:\n{stdout}")
 
-            # Parse certificate names
+            # Parse certificate names - terse format: "154 LT name=letsencrypt.pem_0"
-            cert_names = re.findall(r'name="([^"]+)"', stdout)
+            # Try both formats (with and without quotes)
+            cert_names = re.findall(r'name="?([^"\s]+)"?', stdout)
 
             if not cert_names:
                 logger.error("Could not parse certificate names")
-                return False, False
+                logger.error("Trying alternative parsing...")
+                # Alternative: parse lines
+                for line in stdout.split('\n'):
+                    if 'name=' in line and 'letsencrypt' in line:
+                        match = re.search(r'name=([^\s]+)', line)
+                        if match:
+                            cert_names.append(match.group(1))
+                
+                if not cert_names:
+                    logger.error("Still could not find certificate name!")
+                    return False, False
+
+            # Filter to get the leaf certificate (not intermediate CA)
+            # Usually it's the first one or the one with common-name matching our domain
+            imported_cert_name = None
+            for name in cert_names:
+                if '_0' in name:  # Usually the leaf cert
+                    imported_cert_name = name
+                    break
+
+            if not imported_cert_name:
+                imported_cert_name = cert_names[0]
 
-            imported_cert_name = cert_names[0]
             logger.info(f"Using certificate: {imported_cert_name}")
 
+            
             # Step 8: Configure www-ssl service
             logger.info("Configuring www-ssl to use new certificate")
             config_cmd = f'/ip service set www-ssl certificate="{imported_cert_name}"'