requires

TlsRequires

```python TlsRequires(self, endpoint_name, relation_ids=None) ``` The client's side of the interface protocol. The following flags may be set: * `{endpoint_name}.available` Whenever the relation is joined. * `{endpoint_name}.ca.available` When the root CA information is available via the [root_ca][] and [root_ca_chain][] properties. * `{endpoint_name}.ca.changed` When the root CA information has changed, whether because they have just become available or if they were regenerated by the CA. Once processed this flag should be removed by the charm. * `{endpoint_name}.certs.available` When the requested server or client certs are available. * `{endpoint_name}.certs.changed` When the requested server or client certs have changed, whether because they have just become available or if they were regenerated by the CA. Once processed this flag should be removed by the charm. * `{endpoint_name}.server.certs.available` When the server certificates requested by [request_server_cert][] are available via the [server_certs][] collection. * `{endpoint_name}.server.certs.changed` When the requested server certificates have changed, whether because they have just become available or if they were regenerated by the CA. Once processed this flag should be removed by the charm. * `{endpoint_name}.client.certs.available` When the client certificates requested by [request_client_cert][] are available via the [client_certs][] collection. * `{endpoint_name}.client.certs.changed` When the requested client certificates have changed, whether because they have just become available or if they were regenerated by the CA. Once processed this flag should be removed by the charm. The following flags have been deprecated: * `{endpoint_name}.server.cert.available` * `{endpoint_name}.client.cert.available` * `{endpoint_name}.batch.cert.available` [Certificate]: common.md#tls_certificates_common.Certificate [CertificateRequest]: common.md#tls_certificates_common.CertificateRequest [root_ca]: requires.md#requires.TlsRequires.root_ca [root_ca_chain]: requires.md#requires.TlsRequires.root_ca_chain [request_server_cert]: requires.md#requires.TlsRequires.request_server_cert [request_client_cert]: requires.md#requires.TlsRequires.request_client_cert [server_certs]: requires.md#requires.TlsRequires.server_certs [server_certs_map]: requires.md#requires.TlsRequires.server_certs_map [client_certs]: requires.md#requires.TlsRequires.server_certs

client_certs

List of [Certificate][] instances for all available client certs.

client_certs_map

Mapping of client [Certificate][] instances by their `common_name`.

root_ca_cert

Root CA certificate.

root_ca_chain

The chain of trust for the root CA.

server_certs

List of [Certificate][] instances for all available server certs.

server_certs_map

Mapping of server [Certificate][] instances by their `common_name`.

get_ca

```python TlsRequires.get_ca(self) ``` Return the root CA certificate. Same as [root_ca][].

get_chain

```python TlsRequires.get_chain(self) ``` Return the chain of trust for the root CA. Same as [root_ca_chain][].

get_client_cert

```python TlsRequires.get_client_cert(self) ``` Deprecated. Use [request_client_cert][] and the [client_certs][] collection instead. Return a globally shared client certificate and key.

get_server_cert

```python TlsRequires.get_server_cert(self) ``` Deprecated. Use the [server_certs][] collection instead. Return the cert and key of the first server certificate requested.

get_batch_requests

```python TlsRequires.get_batch_requests(self) ``` Deprecated. Use [server_certs_map][] instead. Mapping of server [Certificate][] instances by their `common_name`.

request_server_cert

```python TlsRequires.request_server_cert(self, cn, sans=None, cert_name=None) ``` Request a server certificate and key be generated for the given common name (`cn`) and optional list of alternative names (`sans`). The `cert_name` is deprecated and not needed. This can be called multiple times to request more than one server certificate, although the common names must be unique. If called again with the same common name, it will be ignored.

add_request_server_cert

```python TlsRequires.add_request_server_cert(self, cn, sans) ``` Deprecated. Use [request_server_cert][] instead.

request_server_certs

```python TlsRequires.request_server_certs(self) ``` Deprecated. Just use [request_server_cert][]; this does nothing.

request_client_cert

```python TlsRequires.request_client_cert(self, cn, sans) ``` Request a client certificate and key be generated for the given common name (`cn`) and list of alternative names (`sans`). This can be called multiple times to request more than one client certificate, although the common names must be unique. If called again with the same common name, it will be ignored.