archived-ols-ucentral-client/version.json
Mike Hansen d8af348fae Implement PKI 2.0 with EST protocol support
- Add EST (RFC 7030) client implementation for automated certificate lifecycle
  - est-client.c/h: Complete EST protocol implementation using libcurl + OpenSSL
  - Support for simple enrollment, reenrollment, and CA certificate retrieval
  - Auto-detection of EST server based on certificate issuer

- Update ucentral-client for PKI 2.0 certificate flow
  - Remove DigiCert firstcontact flow (marked as legacy, to be removed)
  - Implement automatic EST enrollment on first boot
  - Birth certificates (cert.pem, key.pem, cas.pem) → EST → operational certificates
  - Fallback to birth certificates if enrollment fails

- Add reenroll RPC command handler in proto.c
  - Allows gateway-initiated certificate renewal before expiration
  - Saves renewed certificate and schedules restart after 10 seconds

- Update configuration and documentation
  - Version bump: 4.1.0 → 5.0.0
  - Dockerfile: Reference schema v5.0.0 (tag to be created after PR merge)
  - README.md: Comprehensive PKI 2.0 architecture and workflow documentation
  - partition_script.sh: Add comments clarifying birth certificate provisioning

- Add PKI 2.0 example scripts
  - Test EST enrollment, reenrollment, and CA certificate retrieval
  - Manual testing tools for certificate operations
  - Comprehensive troubleshooting guide

- Update Makefile to compile est-client.o
- Build tested successfully with no regressions (38MB binary)

This implementation follows the proven TIP wlan-ap PKI 2.0 pattern for
consistency across TIP/OpenWifi projects.
2026-02-25 17:25:53 -05:00

6 lines
42 B
JSON

{
  "major": 5,
  "minor": 0,
  "patch": 0
}