ACME v2 CA tables for Tigrbl.
Project description
tigrbl_acme_ca
A Tigrbl-native ACME v2 Certificate Authority implementation.
Highlights
- Tables-first design: all I/O derives from `tables/` column specs.
- Canon verbs: write flows use model-bound ops that alias to built-in Tigrbl verbs.
- Ops/Hooks only use the request `ctx` and SQLAlchemy session—no kernel atoms.
- HSM/KMS-ready: pluggable key providers (file, KMS, PKCS#11 stubs) and a signing engine.
- OCSP/CRL/CT: hooks and workers to publish CRLs, answer OCSP, and submit to CT logs.
- Compliance: audit/evidence hooks, redaction, and control enforcers.
- Telemetry: Prometheus metrics and OpenTelemetry tracing (optional).
Layout
- `tables/` — database schema (Account, Order, Authorization, Challenge, Certificate, Revocation, Nonce, etc.).
- `app/` — AppSpec, TableSpec, ApiSpec.
- `ops/` — ACME verbs and guards.
- `services/` — RA/VA/CA/Revocation/Audit/Compliance/Integrations.
- `engines/` — signing engine and session.
- `key_mgmt/` — key provider interfaces + loader.
- `libs/` — cert issuance logic and KMS adapter.
- `workers/` — background tasks (validation, issuance, revocation).
- `telemetry/` — tracing + metrics helpers.
- `adapters/` — first-party adapters (JWS parser, HTTP negotiation).
Dev Quickstart
- Install dependencies (pseudo):

  ```sh
  pip install -e .  # plus your runtime/gateway deps
  ```

- Configure a dev CA key:

  ```
  [acme.ca]
  key_source = "file"
  key_path = "ca.key.pem"
  ```

- Wire a `signing_engine` into your gateway context:

  ```python
  from tigrbl_acme_ca.engines.acme_signing import AcmeSigningEngine

  engine = AcmeSigningEngine.from_config(app_config)
  ctx["signing_engine"] = engine
  ```

- Hit ACME endpoints: `/.well-known/acme-directory`, `/acme/new-nonce`, `/acme/new-account`, `/acme/new-order`.
License
Apache License 2.0 — see LICENSE.
Download files
Source Distribution
tigrbl_acme_ca-0.1.1.tar.gz (33.3 kB)
Built Distribution
File details
Details for the file tigrbl_acme_ca-0.1.1.tar.gz.
File metadata
- Download URL: tigrbl_acme_ca-0.1.1.tar.gz
- Upload date:
- Size: 33.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.11.0 {"installer":{"name":"uv","version":"0.11.0","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | a55a71005781e1354f916fef19f98aaa648cd5c9de38bebe3fdadfbfd68b3436 |
| MD5 | f0532524ed68a05ca23c367a2480506a |
| BLAKE2b-256 | e3d24574a0e56c14358a65b4814e54b151387c88fee4b6b254a876edacdcad3c |
File details
Details for the file tigrbl_acme_ca-0.1.1-py3-none-any.whl.
File metadata
- Download URL: tigrbl_acme_ca-0.1.1-py3-none-any.whl
- Upload date:
- Size: 56.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.11.0 {"installer":{"name":"uv","version":"0.11.0","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | dccaf8e0c8745ba637701a91b22cb4653125e91b280b0e202c1ac1dddc6ded62 |
| MD5 | 6d5a06a3b333f795da9940a84d5f13b0 |
| BLAKE2b-256 | 4e1e9e2b6148746084006d4990d59252672ddf73e1fae0e24c01e31b62865f5f |