tiny_ca.const module
const.py
Package-level constants and enumerations shared across all tiny_ca modules.
Module-level contents
- ALLOWED_CERT_EXTENSIONS – whitelist of file extensions accepted by the CA file loader and storage layer.
- CertType – enumeration of certificate categories used to embed a human-readable type prefix into X.509 serial numbers.
- tiny_ca.const.ALLOWED_CERT_EXTENSIONS: tuple[str, ...] = ('.key', '.pem', '.csr')
Tuple of file extensions that the CA loader and storage validator accept.
Any path whose suffix is not in this tuple will be rejected by
CAFileLoader._validate_file with a WrongType exception.
- class tiny_ca.const.CertType(value)
Bases: Enum
Enumeration of certificate categories issued by the CA.
Each member carries a short string value that is used as a human-readable prefix when encoding serial numbers via
_PrefixRegistry and SerialWithEncoding. The prefix makes it possible to identify the certificate category directly from a hex dump of the serial number without any additional tooling.
Members
- USER “USR”
End-user personal certificate. Issued to individual people for authentication, email signing, or client TLS.
- SERVICE “SVC”
Service or application certificate. Issued to software services, microservices, or API endpoints that need mutual TLS or code signing.
- DEVICE “DEV”
Device certificate. Issued to physical or virtual devices (IoT nodes, network equipment) that authenticate to the infrastructure.
- INTERNAL “INT”
Internal infrastructure certificate. Issued to internal components such as monitoring agents, message brokers, or CI runners that need identity but are not user-facing.
- CA “CA”
Certificate Authority certificate. Used for the root or intermediate CA itself;
BasicConstraints(ca=True) is always set for this type.
Notes
The string values are also stored in the
key_type column of CertificateRecord so that certificate categories are human-readable in direct SQL queries.
Examples
>>> CertType.SERVICE.value
'SVC'
>>> CertType("DEV")
<CertType.DEVICE: 'DEV'>
- CA = 'CA'
- DEVICE = 'DEV'
- INTERNAL = 'INT'
- SERVICE = 'SVC'
- USER = 'USR'
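To illustrate how a category prefix can be read straight from a serial's hex dump, here is an added example that is not tiny_ca's own code. The byte layout (ASCII prefix as the high-order bytes followed by 16 random bytes) and the helpers make_serial and classify_serial are assumptions for illustration; the real encoding is defined by _PrefixRegistry and SerialWithEncoding.

```python
import secrets
from enum import Enum
from typing import Optional


class CertType(Enum):  # mirrors the members documented on this page
    USER = "USR"
    SERVICE = "SVC"
    DEVICE = "DEV"
    INTERNAL = "INT"
    CA = "CA"


# Assumption: 16 random bytes after the prefix. With a prefix of at most
# 3 bytes the serial stays within the 20-octet limit of RFC 5280.
RANDOM_BYTES = 16


def make_serial(cert_type: CertType, rand: Optional[bytes] = None) -> int:
    """Hypothetical layout: ASCII prefix in the high-order bytes, random tail."""
    rand = secrets.token_bytes(RANDOM_BYTES) if rand is None else rand
    if len(rand) != RANDOM_BYTES:
        raise ValueError("random part must be exactly 16 bytes")
    # ASCII letters have the top bit clear, so the integer is positive and
    # its big-endian encoding begins with the prefix bytes.
    return int.from_bytes(cert_type.value.encode("ascii") + rand, "big")


def classify_serial(serial: int) -> Optional[CertType]:
    """Recover the category from a serial; None if no known prefix fits."""
    if serial <= 0:
        return None
    raw = serial.to_bytes((serial.bit_length() + 7) // 8, "big")
    for member in CertType:
        prefix = member.value.encode("ascii")
        # Require the exact length too, so a foreign serial that merely
        # starts with the same bytes is not misclassified.
        if len(raw) == len(prefix) + RANDOM_BYTES and raw.startswith(prefix):
            return member
    return None


if __name__ == "__main__":
    s = make_serial(CertType.DEVICE, bytes(range(16)))  # constructed sample
    print(hex(s), classify_serial(s))
```

A serial that does not decode to a known category (for example one issued by a different CA) returns None, which is the case worth flagging when auditing a certificate inventory.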