Quickstart

Installation

Install from PyPI using pip:
```
pip install django-simple-certmanager
```
Add simple_certmanager to the INSTALLED_APPS setting.
Run python src/manage.py migrate to create the necessary database tables
Configure django-privates correctly - the TLS certificates and keys are stored outside of settings.MEDIA_ROOT for security reasons.

Usage

Django admin

In the Django admin, you can create Certificate instances to (re-)use (mutual) TLS configuration.

Whenever an instance is deleted (through the admin or code), the associated files are purged as well.

You can create and download Certificate Signing Requests (CSR) through the admin as well.

Upload the TLS certificate from the Certificate Authority (CA) to the Certificate Signing Request instance to verify it and store it in the database.

Once signed, the signing request can not be modified anymore and can be safely deleted.

The Certificate instance will then contain the certificate and the private key if valid.

Programmatically

The Certificate model is the public API of the library.

class simple_certmanager.models.Certificate(id, label, type, public_certificate, private_key)

exception NotUpdated

property certificate: Certificate

Load and return the x509 certificate.

Raises:: ValueError – if no certificate file is associated with the instance or if the certificate could not be loaded by cryptography.

get_type_display(*, field=<django.db.models.fields.CharField: type>)

is_valid_key_pair() → None | bool

property issuer: str

label: A wrapper for a deferred-loading field. When the value is read from this object the first time, the query is executed.

property not_valid_after: datetime

property not_valid_before: datetime

private_key

The descriptor for the file attribute on the model instance. Return a FieldFile when accessed so you can write code like:

>>> from myapp.models import MyModel
>>> instance = MyModel.objects.get(pk=1)
>>> instance.file.size

Assign a file object on assignment so you can do:

>>> with open('/path/to/hello.world') as f:
...     instance.file = File(f)

public_certificate

The descriptor for the file attribute on the model instance. Return a FieldFile when accessed so you can write code like:

>>> from myapp.models import MyModel
>>> instance = MyModel.objects.get(pk=1)
>>> instance.file.size

Assign a file object on assignment so you can do:

>>> with open('/path/to/hello.world') as f:
...     instance.file = File(f)

property serial_number: str

signing_request

Accessor to the related object on the reverse side of a one-to-one relation.

In the example:

class Restaurant(Model):
    place = OneToOneField(Place, related_name='restaurant')

Place.restaurant is a ReverseOneToOneDescriptor instance.

property subject: str

type: A wrapper for a deferred-loading field. When the value is read from this object the first time, the query is executed.