enterprise-wifi.net: API to create installers from FR config?
info at 1x-config.org
Thu Apr 4 15:43:57 CEST 2019
so I have this wild idea. To generate secure enterprise Wi-Fi
installers, the system needs to know some deployment details from the
These are typically entered by the admin-to-be interactively via the
service's web interface.
But the thing also has an API. And FreeRADIUS config contains many of
the configuration details itself.
So: what if there were a script in FR sources which could extract
- EAP types that are configured
- CAs for server identification
- server name (CN, sAN:DNS in the server certificate)
and ask a few tiny details from the admin which are not directly in the
- SSID that is to be configured
- an email address of the admin-to-be so can administer his settings later
- optionally a pretty-print name for the server ("My great Home Wi-Fi")
- more optional things, none of which are essential; I can send a
(this would either be asked interactively or be placed in a dedicated
Then, use the enterprise-wifi.net API to generate a ready-to-use
deployment, making installers for that specific RADIUS server directly
I am not a pro in parsing the FR configs, but I can give a hand in
explaining API access to get that done.
I could even imagine that installers generated via the API from
FreeRADIUS get their own dedicated branding (FreeRADIUS name and/or
logo) so that there's some brand visibility in it for FreeRADIUS as well.
API calls are all JSON; just POST them. I can create an API key which
can then attribute those calls to a distinct "FreeRADIUS" installer group.
If that's something you feel like doing, get back to me. I'll provide a
sample API call to create a new Identity Provider entity in the system
as a follow-up.
More information about the Freeradius-Devel