Certificates
Use auth.certificates for the KSeF certificate lifecycle. The SDK sends CSR
and lifecycle requests; your application or certificate tooling still owns key
generation and CSR creation.
Check limits and enrollment data
Section titled “Check limits and enrollment data”limits = auth.certificates.get_limits()print(limits.can_request, limits.enrollment_remaining)
subject = auth.certificates.get_enrollment_data()print(subject.common_name, subject.country_name)Enroll and poll
Section titled “Enroll and poll”enrollment = auth.certificates.enroll( certificate_name="billing-service", certificate_type="authentication", csr="-----BEGIN CERTIFICATE REQUEST-----\n...\n-----END CERTIFICATE REQUEST-----",)
status = auth.certificates.get_enrollment_status( reference_number=enrollment.reference_number,)print(status.status_code, status.certificate_serial_number)Retrieve, query, and revoke
Section titled “Retrieve, query, and revoke”for certificate in auth.certificates.all(status="active"): print(certificate.serial_number, certificate.name, certificate.valid_to)result = auth.certificates.retrieve( certificate_serial_numbers=["0123456789ABCDEF"],)auth.certificates.revoke( certificate_serial_number="0123456789ABCDEF", reason="key_compromise",)Recommended flow
Section titled “Recommended flow”-
Check certificate and enrollment quotas.
-
Fetch enrollment subject data.
-
Generate a private key and CSR outside the SDK.
-
Submit enrollment and persist the reference number.
-
Poll status, retrieve the certificate, and store it with its private key.