1.21.0 (2022-05-29)

WARNING docker-compose users

• Update from 1.18 or earlier? See the update notes or you might loose private keys!
• Update from 1.20 or earlier? See the update notes to switch to named volumes.

Updates

• Add support for cryptography 37.0 and Alpine Linux 3.16.
• Fix issuing certificates with multiple SubjectAlternativeNames (fixes #86).
• Fix overriding the default certificate expiry in profiles (fixes #87).
• Dependencies for ACMEv2 are now non-optional and the acme extra is now empty (and will be removed in django-ca==1.23.0).
• Implement certificate revocation via ACMEv2.
• The CA_DEFAULT_SUBJECT setting should now be a tuple, not a dict. Support for using a dict will be removed in django-ca==1.23.0.
• Add deployment checks (and document them in the quickstart guides) for configurations that don't use a shared cache subsystem (see also: #85).
• Fix generation of the SECRET_KEY setting when using docker and docker-compose.
• Document supported environment variables and improve general settings configuration in Settings.
• Switch to named volumes in the docker-compose setup. Please see Update from 1.20.0 or earlier for update instructions.
• Stop testing individual versions of idna. django-ca uses a minimal subset of basic functions that are unlikely to break.

Backwards incompatible changes

• Drop support for Django 2.2.
• Drop support for cryptography 3.3 and 3.4.
• Drop support for Alpine 3.12 and 3.13.

Deprecation notices

• The acme extra will be removed in django-ca==1.23.0.
• Support for using a dict for the CA_DEFAULT_SUBJECT setting will be removed in django-ca==1.23.0.
• This is the last release to support cryptography 35.0.
• This is the last release to support Celery 5.0 (5.1+ is of course still supported).
• This is the last release to support acme 1.23, 1.24, 1.25 and 1.26.