0.8.0 beta

Note: Certomancer's initially planned set of features is now more or less complete. While some reorganisation, minor enhancements and bugfixes may still occur, no major new features will be added between this release and 1.0.0.

This release introduces pluggable certificate profiles as a more convenient way of setting up certificate extensions across many certificates at once. Further details and examples are in the documentation.

The following miscellaneous changes are also part of this release:

• The certomancer.registry module was refactored into a package. Since not all original members are reexported at the package level, there may be some degree of breakage in existing calling code.
• Certomancer now attempts (by default) to ensure that it generates only one copy of any given extension on a given certificate (taking into account templates and profiles), since that's typically what you want when generating test certificates. If you really need duplicate extensions, set unique-extensions: false.
• There was a minor bug with the auto-assignment of authorityKeyIdentifier extension, which could fail in some cases if the issuer's certificate did not have a subjectKeyIdentifier extension. Since Certomancer always provides a value for that extension, this bug could only be triggered on user-imported CA certificates that do not conform to RFC 5280.