Day 1: Project Setup and Architecture Day 2: Root CA Generation Day 3: Intermediate CA Issuance Day 4: TLS Server Leaf Cert Issuance Day 5: Client Cert Issuance (mTLS) Day 6: Chain Parsing and Validation Day 7: Challenge — Full Issuance Pipeline
Day 8: CRL Design Day 9: CRL Generation with rcgen Day 10: CRL Verification Day 11: OCSP Request Parsing Day 12: OCSP Response Construction Day 13: OCSP HTTP Responder with Axum Day 14: Challenge — Revoke and Verify Rejection
Day 15: rustls ServerConfig with a Custom CA Day 16: rustls ClientConfig with Client Cert (mTLS) Day 17: mTLS Echo Server + Client Day 18: Persistence — PEM Store and Cert Index Day 19: CLI — pki issue, pki revoke, pki inspect Day 20: Integration Test — Full Workflow Day 21: Final Challenge — Demo + Phase 2 Reflection