MOD: added more files to copy for each CA-I package

README

@@ -13,13 +13,13 @@ This package contains a set of programs to generate an entire certificate chain
  and will configure StrongSwan server. .p12 files are generated for client distribution.
 
 There are two main applications contained in this project.
-  * MOB Hub System : PKI Bootstrap
+  * PKI Bootstrap : MOB Hub System
     - 1 x Certificate Authority (CA) generation
     - 5 x CA Intermediate generation
     - 10 x Server and Client certificate generation (based on CA-I)
     - CA, CA-I, Server, and Client certificate packaged as .p12 file for easy import to Android (other clients too)
 
-  * MOB Hub System : PKI Lifecycle
+  * PKI Lifecycle : MOB Hub System
     - Unlimited CA Intermediate generation
     - Unlimited Server and Client generation (based on CA-I)
 

src/pki_bootstrap/docs/README_C

@@ -0,0 +1,22 @@
+
+      ============================
+        CLIENT GENERATION
+          Version 3.1
+      ============================
+
+
+-------------
+  INTRO
+-------------
+
+This application will generate new client certificates. The certificates can be used with any
+VPN client service. The certificate chain is also included (CA certificate & CA-I certificate).
+
+
+-------------
+  USAGE
+-------------
+
+./ gen_client.sh  
+
+

src/pki_bootstrap/docs/README_LC

@@ -1,9 +1,10 @@
 ***
-THIS was Generated by the CA generation application
+THIS was Generated by the CA Generation Application
 ***
 
-Included in this package is a CA Intermediate generation application
+Included in this package is a CA Intermediate generation application. Any number of new CA
+Intermediates can be generated. Each CA Intermediate is also packaged to be distributed to
+an organization.
+
 Running get_ca-i.sh  will create a new PKI certificate chain to be distributed to organizations.
 
-
-

src/pki_bootstrap/docs/README_S

@@ -0,0 +1,21 @@
+
+      ============================
+        SERVER GENERATION
+          Version 3.1
+      ============================
+
+
+-------------
+  INTRO
+-------------
+
+This application will generate new server certificates to be used with a VPN service.
+
+
+-------------
+  USAGE
+-------------
+
+./ gen_server.sh  
+
+

src/pki_bootstrap/docs/SERIAL

@@ -0,0 +1 @@
+1001

src/pki_bootstrap/libs/gen_ca-i.sh

@@ -10,6 +10,8 @@
 # source this file to include the functions
 . pki_funcs.sh
 
+$CA_CNF
+
 PARAM1=$1
 PARAM2=$2
 

src/pki_bootstrap/libs/pki_funcs.sh

@@ -148,3 +148,8 @@ generate_client() {
   # verify certificate (output to text file for review)
   openssl x509 -noout -text -in "client_${UNIQ_ID}.crt.pem" > "client_${UNIQ_ID}.info.txt"
 }
+
+#
+# give some info if someone tries to execute this
+echo_block "this script file has only helper functions"
+

src/pki_bootstrap/pki_bootstrap.sh

@@ -112,6 +112,7 @@ organize() {
   cp ca_i*.keys.pem servers/ca-i/
 
   # organize the ca-i directory
+  # order matters:  move these files last because they were copied above
   mkdir -p ca-i/data
   mkdir -p ca-i/docs
   mv ca_i*.pem ca-i/data/
@@ -130,14 +131,23 @@ organize() {
 #   UNIQ_ID_CA-I : unique string for the CA-I
 #
 cp_pki_lifecycle() {
+  # CA-I
   cp $CD_ROOT/libs/gen_ca-i.sh $CD_ROOT/$UNIQ_DIR_LC/
+  cp $CD_ROOT/libs/pki_funcs.sh $CD_ROOT/$UNIQ_DIR_LC/
   cp $CD_ROOT/docs/README_LC $CD_ROOT/$UNIQ_DIR_LC/README
-  cp $CD_ROOT/libs/gen_client.sh $CD_ROOT/$UNIQ_DIR_LC/distrobution/$UNIQ_DIR_CA/clients
-  cp $CD_ROOT/libs/gen_server.sh $CD_ROOT/$UNIQ_DIR_LC/distrobution/$UNIQ_DIR_CA/servers
+  cp $CD_ROOT/docs/SERIAL $CD_ROOT/$UNIQ_DIR_LC/
 
-  # cp $LIB_PATH/gen_ca-i.sh  $UNIQ_ID_CA-I/$UNIQ_DIR_LC  ca-i/
-  # cp $LIB_PATH/gen_client.sh clients/
-  # cp $LIB_PATH/gen_server.sh servers/
+  # client
+  cp $CD_ROOT/libs/gen_client.sh $CD_ROOT/$UNIQ_DIR_LC/distrobution/$UNIQ_DIR_CA/clients/
+  cp $CD_ROOT/libs/pki_funcs.sh $CD_ROOT/$UNIQ_DIR_LC/distrobution/$UNIQ_DIR_CA/clients/
+  cp $CD_ROOT/docs/README_C $CD_ROOT/$UNIQ_DIR_LC/distrobution/$UNIQ_DIR_CA/clients/README
+  cp $CD_ROOT/docs/SERIAL $CD_ROOT/$UNIQ_DIR_LC/distrobution/$UNIQ_DIR_CA/clients/
+
+  # server
+  cp $CD_ROOT/libs/gen_server.sh $CD_ROOT/$UNIQ_DIR_LC/distrobution/$UNIQ_DIR_CA/servers/
+  cp $CD_ROOT/libs/pki_funcs.sh $CD_ROOT/$UNIQ_DIR_LC/distrobution/$UNIQ_DIR_CA/servers/
+  cp $CD_ROOT/docs/README_S $CD_ROOT/$UNIQ_DIR_LC/distrobution/$UNIQ_DIR_CA/servers/README
+  cp $CD_ROOT/docs/SERIAL $CD_ROOT/$UNIQ_DIR_LC/distrobution/$UNIQ_DIR_CA/servers/
 }
 
 #