-
Notifications
You must be signed in to change notification settings - Fork 3
SSL‐Setup
ZILLEALI edited this page May 20, 2026
·
1 revision
TLS encrypted connection to RouterOS API on port 8729.
WinBox → IP → Services → api-ssl → Enabled: yes → Port: 8729 → Certificate: (optional — self-signed works)
/ip service set api-ssl disabled=no port=8729
MIKROTIK_SSL=true
MIKROTIK_SSL_VERIFY=false
MIKROTIK_PORT=8729No code changes needed — auto-selected from config:
MikroTik::pppoe()->getActiveSessions(); // uses SSL automaticallyMost ISP routers use self-signed certificates.
Set verify_peer: false to accept them:
MIKROTIK_SSL=true
MIKROTIK_SSL_VERIFY=falseFor production with a valid CA-signed certificate:
MIKROTIK_SSL=true
MIKROTIK_SSL_VERIFY=true
MIKROTIK_SSL_CA_CERT=/etc/ssl/certs/ca-certificates.crtuse ZillEAli\MikrotikLaravel\Connections\RouterosClientSSL;
// Self-signed
$client = new RouterosClientSSL(
host: '192.168.88.1',
port: 8729,
username: 'admin',
password: 'secret',
verifyPeer: false,
);
$client->connect();
// Strict
$client = new RouterosClientSSL(
host: 'router.yourisp.com',
port: 8729,
username: 'admin',
password: 'secret',
verifyPeer: true,
caCertPath: '/etc/ssl/certs/ca-certificates.crt',
);
$client->connect();
// Connection info
$info = $client->getConnectionInfo();
// ['host' => '...', 'port' => 8729, 'ssl' => true, 'connected' => true]// config/mikrotik.php
'routers' => [
'main' => [
'host' => '192.168.1.1',
'ssl' => false, // plain connection
],
'branch' => [
'host' => '192.168.2.1',
'port' => 8729,
'ssl' => true, // SSL connection
'verify_peer' => false,
],
],← Multi-Router Setup | Caching →
📝 Found an error or missing info?
Edit this page or open an issue to suggest improvements.