TLS Certificates Interface

  • Canonical Telco
Channel Revision Published Runs on
latest/edge 130 12 Nov 2024
Ubuntu 22.04 Ubuntu 20.04
latest/edge 19 10 Feb 2023
Ubuntu 22.04 Ubuntu 20.04
juju deploy tls-certificates-interface --channel edge
Show information

Learn to deploy on juju >

Platform:

Relevant links

Discuss this charm

Share your thoughts on this charm with the community on discourse.

Join the discussion

Recommended Configuration Options

For charms that expose public HTTPS endpoints, certificate attributes should be decided at deployment time by users. Therefore, we recommend to have the following Juju configuration options:

  • common_name
  • sans_dns
  • organization
  • organizational_unit
  • email_address
  • country_name
  • state_or_province_name
  • locality_name

The charm should use those values when instantiating the and create the appropriate CertificateRequest object from those.


class TLSRequirerExample(ops.CharmBase):

    def __init__(self, framework: ops.Framework):
        super().__init__(framework)
        self.certificates = TLSCertificatesRequiresV4(
            charm=self,
            relationship_name="certificates",
            certificate_requests=[self._get_certificate_request()],
            mode=Mode.UNIT,
        )

    def _get_certificate_request(self) -> CertificateRequest:
        return CertificateRequest(
            common_name=self._get_config_common_name(),
            sans_dns=self._get_sans_dns(),
            organization=self._get_config_organization(),
            organizational_unit=self._get_config_organizational_unit(),
            email_address=self._get_config_email_address(),
            country_name=self._get_config_country_name(),
            state_or_province_name=self._get_config_state_or_province_name(),
            locality_name=self._get_config_locality_name(),
        )

    def _get_config_common_name(self) -> str:
        return self.model.config["common-name"]

    def _get_sans_dns(self) -> Optional[list[str]]:
        return self.model.config.get("sans-dns")

    def _get_config_organization(self) -> str:
        return self.model.config["organization"]

    def _get_config_organizational_unit(self) -> str:
        return self.model.config["organizational-unit"]

    def _get_config_email_address(self) -> str:
        return self.model.config["email-address"]

    def _get_config_country_name(self) -> str:
        return self.model.config["country-name"]

    def _get_config_state_or_province_name(self) -> str:
        return self.model.config["state-or-province-name"]

    def _get_config_locality_name(self) -> str:
        return self.model.config["locality-name"]

Help improve this document in the forum (guidelines). Last updated 2 months ago.