ACME v2 CA tables for Tigrbl.
Project description
tigrbl_acme_ca
A Tigrbl-native ACME v2 Certificate Authority implementation.
Highlights
- Tables-first design: all I/O derives from
tables/column specs. - Canon verbs: write flows use model-bound ops that alias to built-in Tigrbl verbs.
- Ops/Hooks only use the request
ctxand SQLAlchemy session—no kernel atoms. - HSM/KMS-ready: pluggable key providers (file, KMS, PKCS#11 stubs) and a signing engine.
- OCSP/CRL/CT: hooks and workers to publish CRLs, answer OCSP, and submit to CT logs.
- Compliance: audit/evidence hooks, redaction, and control enforcers.
- Telemetry: Prometheus metrics and OpenTelemetry tracing (optional).
Layout
tables/— database schema (Account, Order, Authorization, Challenge, Certificate, Revocation, Nonce, etc.).app/— AppSpec, TableSpec, ApiSpec.ops/— ACME verbs and guards.services/— RA/VA/CA/Revocation/Audit/Compliance/Integrations.engines/— signing engine and session.key_mgmt/— key provider interfaces + loader.libs/— cert issuance logic and KMS adapter.workers/— background tasks (validation, issuance, revocation).telemetry/— tracing + metrics helpers.adapters/— first-party adapters (JWS parser, HTTP negotiation).
Dev Quickstart
- Install dependencies (pseudo):
pip install -e . # plus your runtime/gateway deps
- Configure a dev CA key:
[acme.ca] key_source = "file" key_path = "ca.key.pem"
- Wire a
signing_engineinto your gateway context:from tigrbl_acme_ca.engines.acme_signing import AcmeSigningEngine engine = AcmeSigningEngine.from_config(app_config) ctx["signing_engine"] = engine
- Hit ACME endpoints:
/.well-known/acme-directory,/acme/new-nonce,/acme/new-account,/acme/new-order.
License
Apache License 2.0 — see LICENSE.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file tigrbl_acme_ca-0.1.1.dev24.tar.gz.
File metadata
- Download URL: tigrbl_acme_ca-0.1.1.dev24.tar.gz
- Upload date:
- Size: 33.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.10.12 {"installer":{"name":"uv","version":"0.10.12","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
8be47313b5582eb89fe3a2f07f8ef194408ecac30d8450e83b6722ebed8198e9
|
|
| MD5 |
f7a126f9b5dc6b41366c63f0df0939b0
|
|
| BLAKE2b-256 |
018a0bffd8662d3f0d6746bac0c00d185543b70edcd78110b74298526d4920e6
|
File details
Details for the file tigrbl_acme_ca-0.1.1.dev24-py3-none-any.whl.
File metadata
- Download URL: tigrbl_acme_ca-0.1.1.dev24-py3-none-any.whl
- Upload date:
- Size: 56.5 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.10.12 {"installer":{"name":"uv","version":"0.10.12","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
490f735503e93ddef54a3428e8e2cf4c390e7668d1ac841f7898dfb00ddbaa8b
|
|
| MD5 |
3cfb4896879928d7b229ff75d97f7e22
|
|
| BLAKE2b-256 |
d4fb81f722cdb3d4a9f7a05391986f81b5fd29859ce4bf6f0c1c38bd4908ccd0
|
