TLS Certificates Interface

Canonical Telco Publisher

Platform:

Architecture:

Base version:

Channel	Revision	Published	Runs on
latest/edge	268	22 Apr 2026	Ubuntu 22.04 Ubuntu 20.04
latest/edge	19	10 Feb 2023	Ubuntu 22.04 Ubuntu 20.04

juju deploy tls-certificates-interface --channel edge

Learn to deploy on juju >

Relevant links

Homepage

Share your thoughts on this charm with the community on discourse.

Join the discussion

Recommended Configuration Options

For charms that expose public HTTPS endpoints, certificate attributes should be decided at deployment time by users. Therefore, we recommend to have the following Juju configuration options:

common_name
sans_dns
organization
organizational_unit
email_address
country_name
state_or_province_name
locality_name

The charm should use those values when instantiating the and create the appropriate CertificateRequest object from those.


class TLSRequirerExample(ops.CharmBase):

    def __init__(self, framework: ops.Framework):
        super().__init__(framework)
        self.certificates = TLSCertificatesRequiresV4(
            charm=self,
            relationship_name="certificates",
            certificate_requests=[self._get_certificate_request()],
            mode=Mode.UNIT,
        )

    def _get_certificate_request(self) -> CertificateRequest:
        return CertificateRequest(
            common_name=self._get_config_common_name(),
            sans_dns=self._get_sans_dns(),
            organization=self._get_config_organization(),
            organizational_unit=self._get_config_organizational_unit(),
            email_address=self._get_config_email_address(),
            country_name=self._get_config_country_name(),
            state_or_province_name=self._get_config_state_or_province_name(),
            locality_name=self._get_config_locality_name(),
        )

    def _get_config_common_name(self) -> str:
        return self.model.config["common-name"]

    def _get_sans_dns(self) -> Optional[list[str]]:
        return self.model.config.get("sans-dns")

    def _get_config_organization(self) -> str:
        return self.model.config["organization"]

    def _get_config_organizational_unit(self) -> str:
        return self.model.config["organizational-unit"]

    def _get_config_email_address(self) -> str:
        return self.model.config["email-address"]

    def _get_config_country_name(self) -> str:
        return self.model.config["country-name"]

    def _get_config_state_or_province_name(self) -> str:
        return self.model.config["state-or-province-name"]

    def _get_config_locality_name(self) -> str:
        return self.model.config["locality-name"]

Help improve this document in the forum (guidelines). Last updated 1 year, 8 months ago.