enterprise-wifi.net: API to create installers from FR config?

1x-config Information info at 1x-config.org
Thu Apr 4 15:43:57 CEST 2019


so I have this wild idea. To generate secure enterprise Wi-Fi
installers, the system needs to know some deployment details from the
RADIUS configuration.

These are typically entered by the admin-to-be interactively via the
service's web interface.

But the thing also has an API. And FreeRADIUS config contains many of
the configuration details itself.

So: what if there were a script in FR sources which could extract

- EAP types that are configured
- CAs for server identification
- server name (CN, sAN:DNS in the server certificate)

and ask a few tiny details from the admin which are not directly in the

- SSID that is to be configured
- an email address of the admin-to-be so can administer his settings later
- optionally a pretty-print name for the server ("My great Home Wi-Fi")
- more optional things, none of which are essential; I can send a
detailed list

(this would either be asked interactively or be placed in a dedicated
config file)

Then, use the enterprise-wifi.net API to generate a ready-to-use
deployment, making installers for that specific RADIUS server directly

I am not a pro in parsing the FR configs, but I can give a hand in
explaining API access to get that done.

I could even imagine that installers generated via the API from
FreeRADIUS get their own dedicated branding (FreeRADIUS name and/or
logo) so that there's some brand visibility in it for FreeRADIUS as well.

API calls are all JSON; just POST them. I can create an API key which
can then attribute those calls to a distinct "FreeRADIUS" installer group.

If that's something you feel like doing, get back to me. I'll provide a
sample API call to create a new Identity Provider entity in the system
as a follow-up.



More information about the Freeradius-Devel mailing list