pki.models.issuing_caΒΆ

Module that contains the IssuingCaModel.

ClassesΒΆ

IssuingCaModel

Issuing CA Model.

Module ContentsΒΆ

class pki.models.issuing_ca.IssuingCaModel(*args, **kwargs)[source]ΒΆ

Bases: trustpoint.logger.LoggerMixin, util.db.CustomDeleteActionModel

Issuing CA Model.

This model contains the configurations of all Issuing CAs available within the Trustpoint.

class IssuingCaTypeChoice(*args, **kwds)[source]ΒΆ

Bases: django.db.models.IntegerChoices

The IssuingCaTypeChoice defines the type of Issuing CA.

Depending on the type other fields may be set, e.g. a credential will only be available for local Issuing CAs.

AUTOGEN_ROOT[source]ΒΆ
AUTOGEN[source]ΒΆ
LOCAL_UNPROTECTED[source]ΒΆ
LOCAL_PKCS11[source]ΒΆ
REMOTE_EST[source]ΒΆ
REMOTE_CMP[source]ΒΆ
unique_name[source]ΒΆ
credential: pki.models.credential.CredentialModel[source]ΒΆ
issuing_ca_type[source]ΒΆ
is_active[source]ΒΆ
created_at[source]ΒΆ
updated_at[source]ΒΆ
last_crl_issued_at[source]ΒΆ
crl_pem[source]ΒΆ
__str__()[source]ΒΆ

Returns a human-readable string that represents this IssuingCaModel entry.

Returns:

Human-readable string that represents this IssuingCaModel entry.

Return type:

str

__repr__()[source]ΒΆ

Returns a string representation of the IssuingCaModel instance.

Return type:

str

property common_name: str[source]ΒΆ

Returns common name.

Return type:

str

classmethod create_new_issuing_ca(unique_name, credential_serializer, issuing_ca_type)[source]ΒΆ

Creates a new Issuing CA model and returns it.

Parameters:

  • unique_name (str) – The unique name that will be used to identify the Issuing CA.

  • credential_serializer (trustpoint_core.serializer.CredentialSerializer) – The credential as CredentialSerializer instance. It will be normalized and validated, if it is a valid credential to be used as an Issuing CA.

  • issuing_ca_type (IssuingCaModel) – The Issuing CA type.

Returns:

The newly created Issuing CA model.

Return type:

IssuingCaModel

issue_crl()[source]ΒΆ

Issues a CRL with revoked certificates issued by this CA.

Return type:

bool

property signature_suite: trustpoint_core.oid.SignatureSuite[source]ΒΆ

The signature suite for the CA public key certificate.

Return type:

trustpoint_core.oid.SignatureSuite

property public_key_info: trustpoint_core.oid.PublicKeyInfo[source]ΒΆ

The public key info for the CA certificate’s public key.

Return type:

trustpoint_core.oid.PublicKeyInfo

get_issued_certificates()[source]ΒΆ

Returns certificates issued by this CA, except its own in case of a self-signed CA.

This goes through all active certificates and checks issuance by this CA based on cert.issuer_public_bytes == ca.subject_public_bytes WARNING: This means that it may inadvertently return certificates that were issued by a different CA with the same subject name

Return type:

django.db.models.query.QuerySet[pki.models.certificate.CertificateModel, pki.models.certificate.CertificateModel]

revoke_all_issued_certificates(reason=RevokedCertificateModel.ReasonCode.UNSPECIFIED)[source]ΒΆ

Revokes all certificates issued by this CA.

Parameters:

reason (str)

Return type:

None

pre_delete()[source]ΒΆ

Check for unexpired certificates issued by this CA before deleting it.

Return type:

None

post_delete()[source]ΒΆ

Deletes the credential of this CA after deleting it.

Return type:

None