Python API¶

django-ca provides a Python API for everyone that wants to extend the functionality or build your own solution on top.

Note

This project is developed using Python and Django. Using the Python API requires knowledge in both. If you need help, both projects provide excellend documentation.

General¶

django-ca is a standard Django App. Using it requires a basic Django environment. You do not have to provide any special settings, default settings should be fine.

If you plan on using this project in standalone scripts, Django has some hints to get you started. But note that you still have to configure all of the basic Django settings and there is virtually no functionality without a database.

In some environments, e.g. where django-ca is exclusively used with commandline scripts, it might we worth it to use the default SQLite database backend.

Certificate Authorities¶

Certificate Authorities are represented by the CertificateAuthority model. It is a standard Django model, which means you can use the QuerySet API to retrieve and manipulate CAs:

>>> from django_ca.models import CertificateAuthority
>>> ca = CertificateAuthority.objects.get(serial='...')
>>> ca.enabled = False
>>> ca.save()

To create a new CA, you have to init(), this example creates a minimal CA:

>>> from django_ca.models import CertificateAuthority
>>> from django_ca.subject import Subject
>>> from datetime import datetime
>>> ca = CertificateAuthority.objects.init(
...     name='A new CA', subject=Subject('/CN=ca.example.com'), key_size=2048)

Please refer to the autogenerated documentation for CertificateAuthority and CertificateAuthorityManager for a detailed list of models.

Certificates¶

Certificates are represented by the Certificate model, they too are a standard Django model:

>>> from django_ca.models import Certificate
>>> cert = Certificate.objects.get(serial='...')
>>> cert.revoke()  # this already calls save()

Much like with certificate authorities, creating a new certificate requires a management method:

>>> from django_ca.models import Certificate
>>> cert = Certificate.objects.init(ca, csr, ...)

Subjects and Extensions¶

django-ca provides a set of convenience classes to allow you to handle subjects and extensions for certificates more easily. These classes are easy to instantiate and provide convenient access methods:

django_ca.subject.Subject handles x509 subjects, e.g. as used in a certificate subject.
django_ca.extensions is a module that includes various classes that represent x509 extensions.

Signals¶

Signals are a way for a developer to execute code whenever an event happens, for example to send out an email whenever a new certificate is issued. django-ca provides some custom signals.