Enumerations¶

Type-safe enumerations used throughout the library.

ChallengeType¶

class acmeow.ChallengeType[source]¶

Bases: StrEnum

ACME challenge types for domain validation.

The ACME protocol supports multiple challenge types for proving control over a domain. This library supports DNS-01, HTTP-01, and TLS-ALPN-01.

DNS = 'dns-01'¶

Prove control by creating a DNS TXT record.

Type:: DNS-01 challenge

HTTP = 'http-01'¶

Prove control by serving a file over HTTP.

Type:: HTTP-01 challenge

TLS_ALPN = 'tls-alpn-01'¶

Prove control by serving a special TLS certificate.

Type:: TLS-ALPN-01 challenge

__new__(value)¶

IdentifierType¶

class acmeow.IdentifierType[source]¶

Bases: StrEnum

ACME identifier types.

Identifiers specify what the certificate will be issued for. DNS identifiers (domain names) are the most common.

DNS = 'dns'¶

A domain name (e.g., example.com).

Type:: DNS identifier

IP = 'ip'¶

An IP address (requires ACME server support).

Type:: IP identifier

__new__(value)¶

KeyType¶

class acmeow.KeyType[source]¶

Bases: StrEnum

Cryptographic key types for certificate private keys.

Specifies the algorithm and key size for the certificate’s private key. RSA keys offer broader compatibility, while EC keys provide equivalent security with smaller key sizes.

RSA2048 = 'rsa2048'¶: RSA with 2048-bit key (minimum recommended size).

RSA3072 = 'rsa3072'¶: RSA with 3072-bit key (good balance of security and performance).

RSA4096 = 'rsa4096'¶: RSA with 4096-bit key (high security).

RSA8192 = 'rsa8192'¶: RSA with 8192-bit key (maximum security, slow).

EC256 = 'ec256'¶: ECDSA with P-256 curve (equivalent to RSA 3072).

EC384 = 'ec384'¶: ECDSA with P-384 curve (equivalent to RSA 7680).

classmethod get_all()[source]¶

Return all supported key types.

Return type:: list[KeyType]
Returns:: List of all KeyType enumeration values.

classmethod get_rsa_types()[source]¶

Return all RSA key types.

Return type:: list[KeyType]
Returns:: List of RSA KeyType enumeration values.

classmethod get_ec_types()[source]¶

Return all EC key types.

Return type:: list[KeyType]
Returns:: List of EC KeyType enumeration values.

__new__(value)¶

OrderStatus¶

class acmeow.OrderStatus[source]¶

Bases: StrEnum

ACME order status values.

Orders progress through these states during the certificate issuance process.

PENDING = 'pending'¶: Order created, authorizations not yet completed.

READY = 'ready'¶: All authorizations completed, ready for finalization.

PROCESSING = 'processing'¶: CSR submitted, certificate being issued.

VALID = 'valid'¶: Certificate issued and available for download.

INVALID = 'invalid'¶: Order failed and cannot be completed.

__new__(value)¶

AuthorizationStatus¶

class acmeow.AuthorizationStatus[source]¶

Bases: StrEnum

ACME authorization status values.

Authorizations prove control over an identifier and progress through these states.

PENDING = 'pending'¶: Authorization created, no challenge completed yet.

VALID = 'valid'¶: Challenge completed successfully.

INVALID = 'invalid'¶: Challenge failed.

DEACTIVATED = 'deactivated'¶: Authorization deactivated by the client.

__new__(value)¶

EXPIRED = 'expired'¶: Authorization expired.

REVOKED = 'revoked'¶: Authorization revoked by the server.

ChallengeStatus¶

class acmeow.ChallengeStatus[source]¶

Bases: StrEnum

ACME challenge status values.

Challenges prove control over a specific identifier and progress through these states.

__new__(value)¶

PENDING = 'pending'¶: Challenge created, waiting for client response.

PROCESSING = 'processing'¶: Challenge response submitted, server is validating.

VALID = 'valid'¶: Challenge completed successfully.

INVALID = 'invalid'¶: Challenge failed validation.

AccountStatus¶

class acmeow.AccountStatus[source]¶

Bases: StrEnum

ACME account status values.

__new__(value)¶

VALID = 'valid'¶: Account is active and can be used.

DEACTIVATED = 'deactivated'¶: Account has been deactivated.

REVOKED = 'revoked'¶: Account has been revoked by the server.

RevocationReason¶

class acmeow.RevocationReason[source]¶

Bases: int, Enum

Certificate revocation reasons per RFC 5280.

These reason codes indicate why a certificate is being revoked. The ACME protocol uses these codes when revoking certificates.

__new__(value)¶

UNSPECIFIED = 0¶: No specific reason provided.

KEY_COMPROMISE = 1¶: The certificate’s private key has been compromised.

CA_COMPROMISE = 2¶: The CA that issued the certificate has been compromised.

AFFILIATION_CHANGED = 3¶: The subject’s affiliation has changed.

SUPERSEDED = 4¶: The certificate has been superseded by a new one.

CESSATION_OF_OPERATION = 5¶: The subject has ceased operations.

CERTIFICATE_HOLD = 6¶: The certificate is temporarily on hold.

REMOVE_FROM_CRL = 8¶: Remove a previously held certificate from CRL.

PRIVILEGE_WITHDRAWN = 9¶: The subject’s privileges have been withdrawn.

AA_COMPROMISE = 10¶: The attribute authority has been compromised.