1.21.0 (2022-05-29)

Warning

docker-compose users:

  • Update from 1.18 or earlier? See the update notes or you might loose private keys!

  • Update from 1.20 or earlier? See the update notes to switch to named volumes.

  • Add support for cryptography 37.0 and Alpine Linux 3.16.

  • Fix issuing certificates with multiple SubjectAlternativeNames (fixes issue 86).

  • Fix overriding the default certificate expiry in profiles (fixes issue 87).

  • Dependencies for ACMEv2 are now non-optional and the acme extra is now empty (and will be removed in django-ca==1.23.0).

  • Implement certificate revocation via ACMEv2.

  • The CA_DEFAULT_SUBJECT setting should now be a tuple, not a dict. Support for using a dict will be removed in django-ca==1.23.0.

  • Add deployment checks (and document them in the quickstart guides) for configurations that don’t use a shared cache subsystem (see also: issue 85).

  • Fix generation of the SECRET_KEY setting when using docker and docker-compose.

  • Document supported environment variables and improve general settings configuration in Custom settings.

  • Switch to named volumes in the docker-compose setup. Please see Update from 1.20.0 or earlier for update instructions.

  • Stop testing individual versions of idna. django-ca uses a minimal subset of basic functions that are unlikely to break.

Backwards incompatible changes

  • Drop support for Django 2.2.

  • Drop support for cryptography 3.3 and 3.4.

  • Drop support for Alpine 3.12 and 3.13.

Deprecation notices

  • The acme extra will be removed in django-ca==1.23.0.

  • Support for using a dict for the CA_DEFAULT_SUBJECT setting will be removed in django-ca==1.23.0.

  • This is the last release to support cryptography 35.0.

  • This is the last release to support Celery 5.0 (5.1+ is of course still supported).

  • This is the last release to support acme 1.23, 1.24, 1.25 and 1.26.