certificate-transfer-interface

Certificate Transfer Interface

Channel Revision Published Runs on
latest/edge 147 22 Sep 2025
Ubuntu 22.04
juju deploy certificate-transfer-interface --channel edge
Show information

Learn to deploy on juju >

Platform:

Ubuntu
22.04

charms.certificate_transfer_interface.v1.certificate_transfer

Library for the certificate_transfer relation.

This library contains the Requires and Provides classes for handling the certificate-transfer interface. It supports both v0 and v1 of the interface.

For requirers, they will set version 1 in their application databag as a hint to the provider. They will read the databag from the provider first as v1, and fallback to v0 if the format does not match.

For providers, they will check the version in the requirer's application databag, and send v1 if that version is set to 1, otherwise it will default to 0 for backwards compatibility.

Getting Started

From a charm directory, fetch the library using charmcraft:

charmcraft fetch-lib charms.certificate_transfer_interface.v1.certificate_transfer
Provider charm

The provider charm is the charm providing public certificates to another charm that requires them.

Example:

from ops.charm import CharmBase, RelationJoinedEvent
from ops.main import main

from lib.charms.certificate_transfer_interface.v1.certificate_transfer import (
    CertificateTransferProvides,
)

class DummyCertificateTransferProviderCharm(CharmBase):
    def __init__(self, *args):
        super().__init__(*args)
        self.certificate_transfer = CertificateTransferProvides(self, "certificates")
        self.framework.observe(
            self.on.certificates_relation_joined, self._on_certificates_relation_joined
        )

    def _on_certificates_relation_joined(self, event: RelationJoinedEvent):
        certificate = "my certificate"
        self.certificate_transfer.add_certificates(certificate)


if __name__ == "__main__":
    main(DummyCertificateTransferProviderCharm)
Requirer charm

The requirer charm is the charm requiring certificates from another charm that provides them.

Example:

import logging

from ops.charm import CharmBase
from ops.main import main

from lib.charms.certificate_transfer_interface.v1.certificate_transfer import (
    CertificatesAvailableEvent,
    CertificatesRemovedEvent,
    CertificateTransferRequires,
)


class DummyCertificateTransferRequirerCharm(CharmBase):
    def __init__(self, *args):
        super().__init__(*args)
        self.certificate_transfer = CertificateTransferRequires(self, "certificates")
        self.framework.observe(
            self.certificate_transfer.on.certificate_set_updated, self._on_certificates_available
        )
        self.framework.observe(
            self.certificate_transfer.on.certificates_removed, self._on_certificates_removed
        )

    def _on_certificates_available(self, event: CertificatesAvailableEvent):
        logging.info(event.certificates)
        logging.info(event.relation_id)

    def _on_certificates_removed(self, event: CertificatesRemovedEvent):
        logging.info(event.relation_id)


if __name__ == "__main__":
    main(DummyCertificateTransferRequirerCharm)

You can integrate both charms by running:

juju integrate <certificate_transfer provider charm> <certificate_transfer requirer charm>

Index

class TLSCertificatesError

Description

Base class for custom errors raised by this library. None

class DataValidationError

Description

Raised when data validation fails. None

class ProviderApplicationData

Description

Provider App databag model. None

class ProviderUnitDataV0

Description

Provider Unit databag v0 model. None

class RequirerApplicationData

Description

Requirer App databag model. None

class CertificateTransferProvides

Description

Certificate Transfer provider class to be instantiated by charms sending certificates. None

Methods

CertificateTransferProvides. __init__( self , charm: CharmBase , relationship_name: str )

CertificateTransferProvides. add_certificates( self , certificates , relation_id )

Add certificates from a set to relation data.

Arguments

certificates (Set[str])

A set of certificate strings in PEM format

relation_id (int)

Juju relation ID

Returns

None

Description

Adds certificate to all relations if relation_id is not provided.

CertificateTransferProvides. remove_all_certificates( self , relation_id )

Remove all certificates from relation data.

Arguments

relation_id (int)

Relation ID

Returns

None

Description

Removes all certificates from all relations if relation_id not given

CertificateTransferProvides. remove_certificate( self , certificate: str , relation_id )

Remove a given certificate from relation data.

Arguments

certificate (str)

Certificate in PEM format that's in the list

relation_id (int)

Relation ID

Returns

None

Description

Removes certificate from all relations if relation_id not given

class CertificatesAvailableEvent

Description

Charm Event triggered when the set of provided certificates is updated. None

Methods

CertificatesAvailableEvent. __init__( self , handle: Handle , certificates , relation_id: int )

CertificatesAvailableEvent. snapshot( self )

Description

Return snapshot. None

CertificatesAvailableEvent. restore( self , snapshot: dict )

Description

Restores snapshot. None

class CertificatesRemovedEvent

Description

Charm Event triggered when the set of provided certificates is removed. None

Methods

CertificatesRemovedEvent. __init__( self , handle: Handle , relation_id: int )

CertificatesRemovedEvent. snapshot( self )

Description

Return snapshot. None

CertificatesRemovedEvent. restore( self , snapshot: dict )

Description

Restores snapshot. None

class CertificateTransferRequirerCharmEvents

Description

List of events that the Certificate Transfer requirer charm can leverage. None

class CertificateTransferRequires

Description

Certificate transfer requirer class to be instantiated by charms expecting certificates. None

Methods

CertificateTransferRequires. __init__( self , charm: CharmBase , relationship_name: str )

Observe events related to the relation.

Arguments

charm

Charm object

relationship_name

Juju relation name

CertificateTransferRequires. get_all_certificates( self , relation_id )

Get transferred certificates.

Arguments

relation_id

The id of the relation to get the certificates from.

Description

If no relation id is given, certificates from all relations will be provided in a concatenated list.

CertificateTransferRequires. is_ready( self , relation: Relation )

Description

Check if the relation is ready by checking that it has valid relation data. None