diff options
| author | Ramakrishnan G <rameshg87@gmail.com> | 2015-05-12 10:25:32 -0700 |
|---|---|---|
| committer | Ramakrishnan G <rameshg87@gmail.com> | 2015-05-13 02:33:32 -0700 |
| commit | aa73025c1c3f99252654d2e3875be3866f5e2862 (patch) | |
| tree | 5af31479b228c9781e4f72b95b86ba9b97bc49a8 /ironic/common/swift.py | |
| parent | c7e67d8129b7c502563d3dc5dc812be4d1c8dcac (diff) | |
| download | ironic-aa73025c1c3f99252654d2e3875be3866f5e2862.tar.gz | |
Ironic doesn't use cacert while talking to Swift
Current we have a keystonemiddleware.auth_token.cafile
which is used for talking to Openstack services using https.
Ironic doesn't pass this down to swiftclient for verifying
https connections.
Closes-Bug: 1454353
Change-Id: Id085ea6c0f1d072ec631b9851ddfde96852aca56
Diffstat (limited to 'ironic/common/swift.py')
| -rw-r--r-- | ironic/common/swift.py | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/ironic/common/swift.py b/ironic/common/swift.py index 597c29114..1f9e4410b 100644 --- a/ironic/common/swift.py +++ b/ironic/common/swift.py @@ -48,6 +48,8 @@ CONF.import_opt('auth_version', 'keystonemiddleware.auth_token', group='keystone_authtoken') CONF.import_opt('insecure', 'keystonemiddleware.auth_token', group='keystone_authtoken') +CONF.import_opt('cafile', 'keystonemiddleware.auth_token', + group='keystone_authtoken') LOG = logging.getLogger(__name__) @@ -72,6 +74,7 @@ class SwiftAPI(object): auth_url = keystone.get_keystone_url(auth_url, auth_version) params = {'retries': CONF.swift.swift_max_retries, 'insecure': CONF.keystone_authtoken.insecure, + 'cacert': CONF.keystone_authtoken.cafile, 'user': user, 'tenant_name': tenant_name, 'key': key, |