him411/wlan-ap-Telecominfraproject
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/wlan-ap.git synced 2025-12-16 17:01:37 +00:00
Code Issues Packages Projects Releases Wiki Activity
b499eceebe
wlan-ap-Telecominfraproject/feeds
History
John Crispin b499eceebe cloud_discovery: add CAA DNS-based EST server discovery 
Implement EST server discovery via CAA DNS records for air-gapped
deployments. When DHCP Option 224 provides a controller FQDN, query
CAA records to determine the appropriate EST server endpoint.

The discovery flow:
1. Read controller FQDN from /tmp/cloud.json (set by DHCP handler)
2. Query CAA records for the controller domain
3. Use EST server from CAA 'issue' tag if present
4. Fall back to certificate issuer-based selection if CAA lookup fails

This allows network administrators to configure local EST servers via
DNS rather than relying on hardcoded public endpoints. Air-gapped
deployments can now specify private EST servers through standard DNS
infrastructure.

Example DNS configuration:
  controller.local. IN CAA 0 issue "est.local:8001"

When an AP receives controller.local via DHCP Option 224, it will
query CAA records and use est.local:8001 for certificate enrollment
instead of the public est.certificates.open-lan.org endpoint.

Signed-off-by: John Crispin <john@phrozen.org>
2025-12-04 12:31:17 +01:00
..
bluetooth
bluetooth-cc2652
bluetooth-csr
edgecore/eltt2
hfcl/hfcl
hostapd/hostapd
ipq807x_v5.4
mcu
mediatek
mediatek-sdk
morse
qca-wifi-7
tip
ucentral udhcpinject: Fail to get interface information for SSIDs with space 2025-12-04 12:26:49 +01:00