84 lines
2.1 KiB
Plaintext
84 lines
2.1 KiB
Plaintext
[[[ Agile Tasking ]]]
|
|
|
|
|
|
[[ WORKING ]]
|
|
|
|
* discover process that pulls the cert file
|
|
-modify to pull from CA-I server certs
|
|
* gen PKI Lifecycle, gen CA-I package, copy CA-I package to cert share (on NAS)
|
|
* push latest source code
|
|
|
|
|
|
[[ BACKLOG ]]
|
|
|
|
[ current ]
|
|
* zip distribution folder (ca_i_4321.skunkworks.acme.xyz.zip)
|
|
* add CA password
|
|
* create certificate installation guide
|
|
-copy file to sd, select .p12 file, password="password"
|
|
* can I install certificates from an android application??
|
|
-can I used knox to install certificates??
|
|
* create GUI for cert gen process (electron+crypto-interface)
|
|
* add tool for .p12 file extractor for MH provisioning
|
|
* add havegd (make sure there is adequite entropy)
|
|
|
|
[ ver 3.5 : xdev bootstrap chain-of-trust ]
|
|
* select bootstrap generation cpu (beaglebone, raspi)
|
|
* change strings from "acme.xyz" to ".mil"
|
|
* generate bootstrap
|
|
-sneakernet two CA-I
|
|
* integrate into the build
|
|
-modify CI global variables (for each build)
|
|
-certs are generated BEFORE pulled into image (not part of build process)
|
|
-modify cert gen on NAS (looks for files in mount dir)
|
|
|
|
|
|
[ ver 3.6 ]
|
|
|
|
|
|
|
|
|
|
[[ COMPLETED ]]
|
|
|
|
[ ver 3.3 ]
|
|
* SERIOUS refactoring to focus on local execution with default configs and SERIAL # incrementation
|
|
* configuration defaults generated so that the CA-I package is all automated
|
|
* gen_client.sh modified run with config defaults
|
|
* gen_server.sh modified to run with config defaults
|
|
* gen_client.sh will generate # of certs
|
|
* gen_server.sh will generate # of certs
|
|
* auto-increment SERIAL
|
|
* CA FQDN saved to config file
|
|
* CA-I FQDN saved to config file
|
|
* added certificate generation count to PKI Bootstrap application
|
|
* added certificate generation count to cai_gen application
|
|
|
|
|
|
[ ver 3.2 ]
|
|
* create new CA-I generation script that uses a CA
|
|
-also packages .p12 for distrobution (use random high quality password)
|
|
* added resources directory
|
|
* added files to be copied during CA-I package creation
|
|
|
|
|
|
|
|
[[ STORIES ]]
|
|
|
|
PKI Bootstrap
|
|
-generate a PKI Lifecycle Package
|
|
|
|
PKI Lifecycle Package
|
|
* Local Lifecycle : CA-I generation
|
|
|
|
* Remote Lifecycle : CA-I distributed to organizations
|
|
-generate client/server certificates
|
|
|
|
|
|
|
|
|
|
|
|
|
|
[[ ISSUES ]]
|
|
|
|
|