**WARNING:** docker-compose users: See [the update notes](https://django-ca.readthedocs.io/en/stable/update.html#update-119) or you might loose private keys!
* Implement DNS-01 validation for ACMEv2. Note that ACMEv2 support is still experimental and disabled by default.
* Support rendering distinguished names with any NameOID known to cryptography.
* Support creating certificates with a subject containing a `dnQualifier`, `PC`, `DC`, `title`, `uid` and `serialNumber`.
* Only fetch expected number of bytes when validating ACME challenges via HTTP to prevent DOS attacks.
* Ensure that a certificates `issuer` always matches the `subject` from the CA that signed it.
* Fix `manage.py regenerate_ocsp_key` with celery enabled.
* Fix parsing of ASN.1 OtherNames from the command line. Previously, `UTF8` strings where not DER encoded.
* Fix ACMEv2 paths in NGINX configuration included in Docker images.
* Include a healthcheck script for uWSGI in the Docker image. Because the image is also shared for the Celery worker, it is not enabled by default, but the docker-compose configuration enables it.
* Add support for creating certificates with Boolean, Null, Integer, UniversalString, IA5String, GeneralizedTime and UTCTime values in the format described in [ASN1_GENERATE_NCONF(3SSL)](https://manpages.debian.org/ASN1_GENERATE_NCONF.3SSL).
* Preliminary support for OpenSSH CAs via `EdDSA` keys.
* The Docker image is now based on `python:3.10-alpine3.14`.
* Add support for Python 3.10.
* Add support for cryptography 35.0.0.
* Add support for idna 3.0, 3.1 and 3.2.
Backwards incompatible changes
* Drop support for cryptography 3.0, 3.1 and 3.2.
* Remove support for configuring absolute paths for manually configured [django_ca.views.OCSPView](https://django-ca.readthedocs.io/en/stable/python/views.html#django_ca.views.OCSPView). This functionality was officially supposed to be removed in django-ca 1.14.0.
Minor non-functional changes
* The whole source code is now type hinted.
* Consistently use f-strings for faster string formatting.
* Documentation is now always generated in nitpicky mode and with warnings turned into errors.
* Remove the now redundant `html-check` target for documentation generation.
Deprecation notices
* This is the last release to support Python 3.6.
* This is the last release to support Django 3.1.
* This is the last release to support `idna<=3.1`.
* The `issuer_name` field in a profile is deprecated and no longer has any effect. The parameter will be removed in django-ca 1.22.