Merge "Re-use swift_store_cacert for Keystone session"

author: Zuul <zuul@review.opendev.org> 2020-03-26 05:11:47 +0000
committer: Gerrit Code Review <review@openstack.org> 2020-03-26 05:11:47 +0000
commit: 934759d721356466b3455300423a384a97d00deb (patch)
tree: d079e78cfc3037c2475d14f6dc218963c0b5c5ec /releasenotes
parent: de7445cb7301d3eb944b5e0709a4e0308255cae9 (diff)
parent: ee2a3d3032408ff3d12beafd6ae84d75b33f479f (diff)
download: glance_store-934759d721356466b3455300423a384a97d00deb.tar.gz
1 files changed, 11 insertions, 0 deletions
diff --git a/releasenotes/notes/bug-1820817-0ee70781918d232e.yaml b/releasenotes/notes/bug-1820817-0ee70781918d232e.yaml
new file mode 100644
index 0000000..6b78ea1
--- /dev/null
+++ b/releasenotes/notes/bug-1820817-0ee70781918d232e.yaml
@@ -0,0 +1,11 @@
+---
+fixes:
+  - |
+    Swift backend now can use custom CA bundle to verify SSL connection to
+    Keystone without adding this bundle to global system ones.
+    For this it re-uses the CA bundle specified as ``swift_store_cacert``
+    config option, so this bundle must verify both certificates of Swift and
+    Keysotne API endpoints.
+
+    For more details see
+    [`bug 1820817 <https://bugs.launchpad.net/glance-store/+bug/1820817>`_].
author	Zuul <zuul@review.opendev.org>	2020-03-26 05:11:47 +0000
committer	Gerrit Code Review <review@openstack.org>	2020-03-26 05:11:47 +0000
commit	934759d721356466b3455300423a384a97d00deb (patch)
tree	d079e78cfc3037c2475d14f6dc218963c0b5c5ec /releasenotes
parent	de7445cb7301d3eb944b5e0709a4e0308255cae9 (diff)
parent	ee2a3d3032408ff3d12beafd6ae84d75b33f479f (diff)
download	glance_store-934759d721356466b3455300423a384a97d00deb.tar.gz