This guide provides instructions for running your own certificate authority as a Django app in your existing Django project. This setup allows you to integrate django-ca into an existing Django deployment.
In this guide we do not cover creating your own Django project, deployment strategies or regular Python or Django development.
requirements-as-py
You do not need any special software besides Python or later and a recent version of pip.
If you want to use ACMEv2 or Celery, you need a cache that shares data between individual processes. From the backends included in Django, Memcached and Redis do this. This document configures Redis as a cache.
It is strongly recommended that you run a Celery task queue. If you do, you need a message transport like RabbitMQ or Redis. Redis is used in the examples below, because it is easiest to set up and doubles as a cache.
If you're using an older system, the table blow lists what versions of Python, Django and cryptography where tested with what release (changes to previous versions in bold):
django-ca | Python | Django | cryptography | Celery | acme | pydantic |
---|---|---|---|---|---|---|
1.29 | 3.9 - 3.12 | 4.2 - 5.0 | 42 | 5.3 - 5.4 | 2.9 - 2.10 | 2.5 - 2.7 |
1.28 1.27 1.26 1.25 1.24 1.23 1.22 1.21 1.20 |
3.8 - 3.12 3.8 - 3.12 3.8 - 3.11 3.8 - 3.11 3.8 - 3.11 3.8 - 3.11 3.7 - 3.11 3.7 - 3.10 3.7 - 3.10 |
4.2 - 5.0 3.2, 4.2 3.2, 4.1 - 4.2 3.2, 4.1 - 4.2 3.2, 4.1 - 4.2 3.2, 4.1 3.2 - 4.1 3.2 - 4.0 2.2, 3.2 - 4.0 |
41 - 42 41 40 - 41 37, 39 - 41 37, 39 - 40 37 - 39 36 - 38 35 - 37 3.4 - 36 |
5.3 5.3 5.2 - 5.3 5.1 - 5.3 5.1 - 5.2 5.1 - 5.2 5.1 - 5.2 5.0 - 5.2 5.0 - 5.2 |
2.7 - 2.9 2.6 - 2.7 2.5 - 2.6 2.3 - 2.6 2.2 - 2.5 2.1 - 2.2 1.27 - 2.1 1.23 - 1.25 1.22 |
2.5 - 2.6 |
Note that we don't deliberately break support for older versions, we merely stop testing it. You can try your luck with older versions.
For a minimal installation, you can install django-ca via pip:
user@host:~$ pip install django-ca
There are several extras available, the celery
and redis
extras are strongly recommended:
To install django-ca with one or more extras, use the regular pip syntax:
user@host:~$ pip install django-ca[celery,redis]
Simply add django_ca
to your INSTALLED_APPS
(and if you don't use it already, django_object_actions
), as well as a few other required settings:
/include/quickstart_as_app/settings.py
Please check out /settings
for settings specific to django-ca.
You also need to include the URLs in your main urls.py
:
/include/quickstart_as_app/urls.py
You can verify (some) aspects of the setup using Django system checks:
user@host:~$ python manage.py check --deploy
Finally, invoke the regular manage.py
commands when you add new apps:
user@host:~$ python manage.py migrate
user@host:~$ python manage.py collectstatic
After that, django-ca should show up in your admin interface (see /web_interface
) and provide various manage.py
commands (see /cli/intro
).
All functionality is available as custom Django's manage.py commands.
manage-as-py
guide-as-app-where-to-go
You can update django-ca like any other Django app:
user@host:~$ pip install -U django-ca
user@host:~$ python manage.py migrate
user@host:~$ python manage.py collectstatic