update readme

.gitignore

@@ -1,6 +1,6 @@
 reports/**
 inputs.yml
-local-test.yml
+*.zip
 *.pem
 *.csr
 *.crt

certificates/README.md

@@ -7,20 +7,28 @@
 - **Download**: Access the PKI CA Certificate Bundles from the [DoD PKI/PKE Document Library](https://public.cyber.mil/pki-pke/pkipke-document-library/).
   - **Direct link**: For PKCS#7 Bundle V5.13, download [here](https://dl.dod.cyber.mil/wp-content/uploads/pki-pke/zip/unclass-certificates_pkcs7_DoD.zip).
 
-### Step 2: Extract and Convert the Certificates
+```bash
+curl -L https://dl.dod.cyber.mil/wp-content/uploads/pki-pke/zip/unclass-certificates_pkcs7_DoD.zip -o dod_certificates.zip
+```
+
+### Step 2: Extract and Convert the Certificate
 
-Unzip the file and follow the README for detailed instructions or use the following commands to quickly extract and convert the certificates:
+Unzip the file and follow the README for detailed instructions or use the following command to convert the certificates:
 
 ```bash
-cd certificates_pkcs7_v5_13_dod
-openssl pkcs7 -in certificates_pkcs7_v5_13_dod_der.p7b -inform der -print_certs -out dod_CAs.pem
+unzip dod_certificates.zip
+openssl pkcs7 -in certificates_pkcs7_v5_13_dod/certificates_pkcs7_v5_13_dod_der.p7b -inform der -print_certs -out certificates_pkcs7_v5_13_dod/dod_CAs.pem
 ```
 
 ### Step 3: Place the Certificate
 
 Move the extracted `dod_CAs.pem` file to the `certificates` folder.
 
-This `dod_CAs.pem` file is what is required for the `net.tls.CAFile` option in the MongoDB configuration.
+```bash
+mv certificates_pkcs7_v5_13_dod/dod_CAs.pem certificates/
+```
+
+The `dod_CAs.pem` file is what is required for the `net.tls.CAFile` option in the MongoDB configuration.
 
 **Note:** The file gets automatically renamed to `CA_bundle.pem` when the Ansible playbook gets run.
 
@@ -31,6 +39,17 @@ net:
 		CAFile: /etc/ssl/CA_bundle.pem
 ```
 
+### Alternative Configuration: One-Command Setup
+
+For a streamlined setup, you can execute all steps with a single command:
+
+```bash
+curl -L https://dl.dod.cyber.mil/wp-content/uploads/pki-pke/zip/unclass-certificates_pkcs7_DoD.zip -o dod_certificates.zip && \
+unzip dod_certificates.zip && \
+openssl pkcs7 -in certificates_pkcs7_v5_13_dod/certificates_pkcs7_v5_13_dod_der.p7b -inform der -print_certs -out certificates_pkcs7_v5_13_dod/dod_CAs.pem && \
+mv certificates_pkcs7_v5_13_dod/dod_CAs.pem certificates/
+```
+
 ## MongoDB TLS/SSL Certificate and Key Generation
 
 ### Step 1: Generate a New Private Key
@@ -81,11 +100,11 @@ mv mongodb.pem mongodb-cert.crt certificates/
 cat mongodb-cert.crt >> dod_CAs.pem
 ```
 
-Move the `mongodb.pem` and `mongodb-cert.crt` files to the designated `certificates` directory. Then, append the MongoDB certificate from `mongodb-cert.crt` to your list of trusted Certificate Authorities in `dod_CAs.pem`. This setup ensures that MongoDB utilizes the certificate for secure connections and that the system recognizes it as a trusted source.
+Move the `mongodb.pem` and `mongodb-cert.crt` files to the `certificates` directory. Then, append the MongoDB certificate from `mongodb-cert.crt` to your list of trusted Certificate Authorities in `dod_CAs.pem`. This setup ensures that MongoDB utilizes the certificate for secure connections and that the system recognizes it as a trusted source.
 
 ### Alternative Configuration: One-Command Setup
 
-For a streamlined setup, you can execute all steps with a single condensed command:
+For a streamlined setup, you can execute all steps with a single command:
 
 ```bash
 openssl genrsa -out mongodb-private.key 2048 && \