* Add support for Django 3.0.
* The docker image is now based on Alpine Linux 3.11.
* The default project now supports configuring django-ca using YAML configuration files. Configuration using `localsettings.py` is now deprecated and will be removed in `django-ca>=1.18.0`.
* Start supporting Celery tasks to allow running tasks in a distributed, asynchronous task queue. Some tasks will automatically be run with Celery if it is enabled. Celery is used automatically if installed, but can always be disabled by setting `CA_USE_CELERY=False`.
* Drop dependency `six` (since we no longer support Python 2.7).
* Allow caching of CRLs via `manage.py cache_crls`.
* The `manage.py init_ca` command will now automatically cache CRLs and generate OCSP keys for the new CA.
* Support `POSTGRES_*` and `MYSQL_*` environment variables to configure database access credentials in the same way as the Docker images for PostgreSQL and MySQL do.
* There now are [setuptools extras](https://packaging.python.org/tutorials/installing-packages/#installing-setuptools-extras) for `redis` and `celery`, so you can install all required dependencies at once.
* Add `CA_PASSWORDS` setting to allow you to set the passwords for CAs with encrypted private keys. This is required for automated tasks where the private key is required.
* Add `CA_CRL_PROFILES` setting to configure automatically generated CRLs. Note that this setting will likely be moved to a more general setting for automatic tasks in future releases.
* `django_ca.extensions.AuthorityKeyIdentifier` now also supports issuers and serials.
* `django_ca.utils.parse_general_name()` now returns a `cryptography.x509.GeneralName` unchanged, but throws an error if the name isn't a `str` otherwise.
* New class `django_ca.utils.GeneralNameList` for extensions that store a list of general names.
* Add support for the `django_ca.extensions.FreshestCRL` extension.
* Store CA private keys in the `ca/` subdirectory by default, the directory can be configured using `manage.py init_ca --path=...`.
Backwards incompatible changes
* Drop support for Python 2.7.
* Drop support for cryptography 2.5 and 2.6.
* Drop support for Alpine 3.8 (because PostgreSQL and MySQL depend on libressl).
* Removed the `manage.py migrate_ca` command. If you upgrade from before [1.12.0](https://django-ca.readthedocs.io/en/latest/changelog.html#changelog-1-12-0), upgrade to [1.14.0](https://django-ca.readthedocs.io/en/latest/changelog.html#changelog-1-14-0) first and [update file storage](https://django-ca.readthedocs.io/en/latest/update.html#update-file-storage).
* Removed the `ca_crl` setting in `django_ca.views.CertificateRevocationListView`, use `scope` instead.
Docker
* Add a [docker-compose.yml](https://django-ca.readthedocs.io/en/latest/docker.html#docker-compose) file to quickly launch a complete service stack.
* Add support for Celery, MySQL, PostgreSQL and Redis.
* Change the working directory to `/usr/src/django-ca/ca`, so manage.py can now be invoked using `python manage.py` instead of `python ca/manage.py`.
* Add a Celery startup script (`./celery.sh`).
* Add a nginx configuration template at `nginx/default.template`.
* Static files are now included in a "collected" form, so they don't have to collected on startup.
* Generate OCSP keys and cache CRLs on startup.
* Use [BuildKit](https://docs.docker.com/develop/develop-images/build_enhancements/) to massively speed up the Docker image build.
Bugfixes
* Fix generation of CRLs and OCSP keys for CAs with a DSA private key.
* Fix storing an empty list of CRL URLs in some corner cases (when the function receives an empty list).
* Fix naming CAs via serial on the command line if the serial starts with a zero.
* Consistently style serials in a monospace font in admin interface.
* The `ocsp` profile used for OCSP keys no longer copies the CommonName (which is the same as in the CA) to to the SubjectAlternativeName extension. The CommonName is frequently a human-readable name in CAs.
Deprecation notices
* This is the last release to support Django 1.11 and 2.1.
* The Django project included in this git repository will stop loading `localsetttings.py` files in `django-ca>=1.18.0`.
* `Certificate.objects.init()` and `django_ca.profiles.get_cert_profile_kwargs` were deprecated in [1.14.0](https://django-ca.readthedocs.io/en/latest/changelog.html#changelog-1-14-0) and will be removed in `django-ca==1.16.0`. Use `Certificate.objects.create_cert()` instead.
* The format for the `CA_PROFILES` setting has changed in [1.14.0](https://django-ca.readthedocs.io/en/latest/changelog.html#changelog-1-14-0). Support for the old format will be removed in `django-ca==1.17.0`. Please see the [migration instructions](https://django-ca.readthedocs.io/en/latest/profiles.html#profiles-pre-114-migration) for what to change.