Re-use swift_store_cacert for Keystone session

pass configured cacert for Swift to the keystoneauth's Session as well so that the swift endpoint can be resolved from the catalog when a custom CA bundle is used. Change-Id: I439f6b5af34c685f72c9b4933c7eb0c77cc92e14 Closes-Bug: #1820817
author: Pavlo Shchelokovskyy <shchelokovskyy@gmail.com> 2019-03-18 18:29:45 +0000
committer: Pavlo Shchelokovskyy <pshchelokovskyy@mirantis.com> 2020-01-14 07:25:29 +0000
commit: ee2a3d3032408ff3d12beafd6ae84d75b33f479f (patch)
tree: 21f09d163416a59e7d4a50237d608a44f2f3b65f /releasenotes
parent: 8d6a9ce190d31daecc7e31fdebd400611b0858c8 (diff)
download: glance_store-ee2a3d3032408ff3d12beafd6ae84d75b33f479f.tar.gz
1 files changed, 11 insertions, 0 deletions
diff --git a/releasenotes/notes/bug-1820817-0ee70781918d232e.yaml b/releasenotes/notes/bug-1820817-0ee70781918d232e.yaml
new file mode 100644
index 0000000..6b78ea1
--- /dev/null
+++ b/releasenotes/notes/bug-1820817-0ee70781918d232e.yaml
@@ -0,0 +1,11 @@
+---
+fixes:
+  - |
+    Swift backend now can use custom CA bundle to verify SSL connection to
+    Keystone without adding this bundle to global system ones.
+    For this it re-uses the CA bundle specified as ``swift_store_cacert``
+    config option, so this bundle must verify both certificates of Swift and
+    Keysotne API endpoints.
+
+    For more details see
+    [`bug 1820817 <https://bugs.launchpad.net/glance-store/+bug/1820817>`_].
author	Pavlo Shchelokovskyy <shchelokovskyy@gmail.com>	2019-03-18 18:29:45 +0000
committer	Pavlo Shchelokovskyy <pshchelokovskyy@mirantis.com>	2020-01-14 07:25:29 +0000
commit	ee2a3d3032408ff3d12beafd6ae84d75b33f479f (patch)
tree	21f09d163416a59e7d4a50237d608a44f2f3b65f /releasenotes
parent	8d6a9ce190d31daecc7e31fdebd400611b0858c8 (diff)
download	glance_store-ee2a3d3032408ff3d12beafd6ae84d75b33f479f.tar.gz