hallo all salam kenal, iseng” niy,,buat share aja..langsung aja yak..
membuat authentication hotspot dengan SSL berikut langkah”nya
kita membutuhkan Linux untuk create ssl certificate dan key nya.
di sini saya menggunakan ubuntu untuk create certificate dan key sebelum mengcreate kudu ada dulu yang namanya openssl
instalasi openssl di ubuntu
#apt-get install openssl
setelah terinstall, langsung create certificate dan key
1. membuat key
# openssl genrsa -des3 -out hotspot.key 1024
Generating RSA private key, 1024 bit long modulus
………………………………..++++++
…………….++++++
e is 65537 (0×10001)
Enter pass phrase for hotspot.key: <password>
Verifying – Enter pass phrase for hotspot.key: <password>
Maka akan terbentuk file hotspot.key
2. Membuat request key
#openssl req -new -key hotspot.key -out hotspot.csr
Enter pass phrase for hotspot.key: <password>
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.’, the field will be left blank.
—–
Country Name (2 letter code) [AU]:ID
State or Province Name (full name) [Some-State]:Tangerang
Locality Name (eg, city) []:Tangerang
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Tng
Organizational Unit Name (eg, section) []:.
Common Name (eg, YOUR name) []:celanabolong
Email Address []:apakekdah@yahoo.com
Please enter the following ‘extra’ attributes
to be sent with your certificate request
A challenge password []:apakekdah
An optional company name []:hotspotan
maka akan terbentuk file hotspot.csr berdasarkan hotspot.key
3. membuat certificate
#openssl x509 -req -days 10000 -in hotspot.csr -signkey hotspot.key -out hotspot.crt
Signature ok
subject=/C=ID/ST=Tangerang/L=Tangerang/O=Tng/CN=celanabolong/emailAddress=apakekdah@yahoo.com
Getting Private key
Enter pass phrase for hotspot.key: <password>
dengan demikian akan terbentuk file sertifikat ssl hotspot.crt berdasarkan point 1 dan 2
4. masukan hotspot.key dan hotspot.crt ke dalam mikrotik
copy paste aje biar cepet ke mikrotik lewat winbox, setalah file masuk buka terminal.
5. saatnya Instalasi sertifikat di mikrotik
[admin@MikroTik] /certificate>> import file-name=hotspot.crt
passphrase: ********* <password>
certificates-imported: 1
private-keys-imported: 0
files-imported: 1
decryption-failures: 0
keys-with-no-certificate: 0
[admin@MikroTik] /certificate>> import file-name=hotspot.key
passphrase: ********* <password>
certificates-imported: 0
private-keys-imported: 1
files-imported: 1
decryption-failures: 0
keys-with-no-certificate: 0
6. Set koneksi www-ssl dengan sertifikat cert1 yang barusan di import
sebelum di set aktif kan dahulu service nya
/ip service set www-ssl disabled=no
baru dah set
/ip service set www-ssl certificate=cert1
di server profile hotspotnya centang https dan pilih certificate yang tadi kita masukin.
kelar dah, silahkan mencoba. 
