###################
1.21.0 (2022-05-29)
###################

.. WARNING::

   **docker-compose users:**

   * Update from 1.18 or earlier? See :ref:`the update notes <update_119>` or you might loose private keys!
   * Update from 1.20 or earlier? See :ref:`the update notes <update_121-docker-compose>` to switch to named
     volumes.

* Add support for cryptography 37.0 and Alpine Linux 3.16.
* Fix issuing certificates with multiple SubjectAlternativeNames (fixes `issue 86
  <https://github.com/mathiasertl/django-ca/issues/86>`_).
* Fix overriding the default certificate expiry in profiles (fixes `issue 87
  <https://github.com/mathiasertl/django-ca/issues/87>`_).
* Dependencies for ACMEv2 are now non-optional and the ``acme`` extra is now empty (and will be removed in
  ``django-ca==1.23.0``).
* Implement certificate revocation via ACMEv2.
* The :ref:`CA_DEFAULT_SUBJECT <settings-ca-default-subject>` setting should now be a tuple, not a
  dict. Support for using a ``dict`` will be removed in ``django-ca==1.23.0``.
* Add deployment checks (and document them in the quickstart guides) for configurations that don't use a
  shared cache subsystem (see also: `issue 85 <https://github.com/mathiasertl/django-ca/issues/85>`_).
* Fix generation of the SECRET_KEY setting when using docker and docker-compose.
* Document supported environment variables and improve general settings configuration in :doc:`/settings`.
* Switch to named volumes in the docker-compose setup. Please see :ref:`update_121` for update instructions.
* Stop testing individual versions of `idna <https://pypi.org/project/idna/>`_. django-ca uses a minimal
  subset of basic functions that are unlikely to break.

******************************
Backwards incompatible changes
******************************

* Drop support for Django 2.2.
* Drop support for cryptography 3.3 and 3.4.
* Drop support for Alpine 3.12 and 3.13.

*******************
Deprecation notices
*******************

* The ``acme`` extra will be removed in ``django-ca==1.23.0``.
* Support for using a dict for the :ref:`CA_DEFAULT_SUBJECT <settings-ca-default-subject>` setting will be
  removed in ``django-ca==1.23.0``.
* This is the last release to support cryptography 35.0.
* This is the last release to support Celery 5.0 (5.1+ is of course still supported).
* This is the last release to support acme 1.23, 1.24, 1.25 and 1.26.