1.17.0 (2020-12-30)

  • New CA_DEFAULT_CA setting to consistently configure the CA used by default.

  • Fix the --issuer-alt-name option for manage.py init_ca and manage.py edit_ca.

  • Correctly handle IDNA domain names in URLs and certificates.

  • Preliminary ACMEv2 support (disabled by default).

  • CAs have new fields caa_identity, website and terms_of_service, which are used by ACME.

  • Add support for Python 3.9.

  • Add support for cryptography 3.1, 3.2 and 3.3.

  • Start linting code with pylint.

  • Secure CSRF and session cookies using Django’s SESSION_COOKIE_SECURE, CSRF_COOKIE_HTTPONLY and CSRF_COOKIE_SECURE settings.

Docker (Compose)

  • Add thorough Quickstart with Docker Compose.

  • Collect static files on startup instead of during build. The latter causes problems with image updates.

  • Make manage.py available as the manage shortcut.

  • Add several security related headers to the admin interface (CSP, etc).

  • Include a template for a complete TLS configuration.

Backwards incompatible changes

  • Drop support for Python 3.5.

  • Drop support for cryptography 2.7.

  • Drop support for Celery 4.2.

  • Drop support for idna 2.8.

Deprecation notices

  • This is the last release to support Celery 4.3 and 4.4.

  • This is the last release to support cryptography 2.8 and 2.9.

  • This is the last release to support Django 3.0 (2.2 LTS will still be supported).

  • This is the last release to support idna 2.9.

  • This is the last release to support Alpine 3.10.