diff --git a/docs/ccc_certs b/docs/ccc_certs index 7068094..9e26ce0 100644 --- a/docs/ccc_certs +++ b/docs/ccc_certs @@ -1,6 +1,7 @@ [[[ Certificate Code Command & Control ]]] +[ p12 file ] # show the sections of the package file $ openssl pkcs12 -in ~/cert.p12 -nodes -passin pass:"password" diff --git a/docs/cert_overlord b/docs/cert_overlord index 0d96c40..0be721e 100644 --- a/docs/cert_overlord +++ b/docs/cert_overlord @@ -1,5 +1,7 @@ [[[ Certificate Overlord ]]] + +[ Features ] * GUI with modern design (responsive) -modern form input features: auto complete, highlighting * simple wizard diff --git a/docs/pki_agile b/docs/pki_agile index 606649e..b277618 100644 --- a/docs/pki_agile +++ b/docs/pki_agile @@ -3,35 +3,28 @@ [[ WORKING ]] -* CA-I serial #s ?? - X.p12 file for CA-I (to import into M$ products) - -.p12 file extractor for MH provisioning -* create GUI for cert gen process (electron+crypto-interface) -* create certificate installation guide - -copy file to sd, select .p12 file, password="password" -* can I install certificates from an android application?? - -can I used knox to install certificates?? +* PKI Bootstrap: cp lifecycle functions -* gen servers - -make sure the serial# is incremented -* gen clients - -make sure the serial# is incremented [[ BACKLOG ]] -[ ver3 ] +[ current ] +* auto-increment SERIAL +* create certificate installation guide + -copy file to sd, select .p12 file, password="password" +* can I install certificates from an android application?? + -can I used knox to install certificates?? +* create GUI for cert gen process (electron+crypto-interface) +* add tool for .p12 file extractor for MH provisioning + + +[ ver 1.4 ] * create new "certificate bootstrap" with .cfg parameters for CA ".mil" strings * create new CA generation script that also reads .cfg * create new CA-I generation script that uses a CA -also packages .p12 for distrobution (use random high quality password) -* create new client generation script that uses CA-I - -just for testing purposes -* create new server generation script that uses CA-I - -just for testing purposes -* update ver3/conf so that ipsec.conf is default - -update ipsec_dev.conf to have developer [ bootstrap cert chain-of-trust ] @@ -41,12 +34,25 @@ -sneakernet two CA-I +[ ver 1.5 ] -[ ver4 ] +[[ STORIES ]] + +PKI Bootstrap + -generate a PKI Lifecycle Package + +PKI Lifecycle Package + * Local Lifecycle : CA-I generation + + * Remote Lifecycle : CA-I distributed to organizations + -generate client/server certificates + + + [[ COMPLETED ]] diff --git a/src/pki_bootstrap/SERIAL b/src/pki_bootstrap/SERIAL index 1746da6..97a55e1 100644 --- a/src/pki_bootstrap/SERIAL +++ b/src/pki_bootstrap/SERIAL @@ -1 +1 @@ -10000 \ No newline at end of file +101 \ No newline at end of file diff --git a/src/pki_lifecycle/README b/src/pki_bootstrap/docs/README_LC similarity index 100% rename from src/pki_lifecycle/README rename to src/pki_bootstrap/docs/README_LC diff --git a/src/pki_lifecycle/ca-i/gen_ca-i.sh b/src/pki_bootstrap/libs/gen_ca-i.sh similarity index 100% rename from src/pki_lifecycle/ca-i/gen_ca-i.sh rename to src/pki_bootstrap/libs/gen_ca-i.sh diff --git a/src/pki_lifecycle/tt/gen_client.sh b/src/pki_bootstrap/libs/gen_client.sh similarity index 100% rename from src/pki_lifecycle/tt/gen_client.sh rename to src/pki_bootstrap/libs/gen_client.sh diff --git a/src/pki_lifecycle/mh/gen_server.sh b/src/pki_bootstrap/libs/gen_server.sh similarity index 100% rename from src/pki_lifecycle/mh/gen_server.sh rename to src/pki_bootstrap/libs/gen_server.sh diff --git a/src/pki_bootstrap/pki_funcs.sh b/src/pki_bootstrap/libs/pki_funcs.sh similarity index 100% rename from src/pki_bootstrap/pki_funcs.sh rename to src/pki_bootstrap/libs/pki_funcs.sh diff --git a/src/pki_lifecycle/ca-i/ca/ca.crt.pem b/src/pki_lifecycle/ca-i/ca/ca.crt.pem deleted file mode 100644 index e69de29..0000000 diff --git a/src/pki_lifecycle/mh/ca-i/ca-i.crt.pem b/src/pki_lifecycle/mh/ca-i/ca-i.crt.pem deleted file mode 100644 index e69de29..0000000 diff --git a/src/pki_lifecycle/tt/ca-i/ca-i.crt.pem b/src/pki_lifecycle/tt/ca-i/ca-i.crt.pem deleted file mode 100644 index e69de29..0000000