use v3 api to get certificates

Let Token signing and ca certificates can be accessible at
/v3/OS-SIMPLE-CERT/{ca,certificates}.

Change-Id: I6c82d1f78ba1ff2ab110474623982542610b4d2d
Closes-Bug: #1206345

1 files changed, 9 insertions, 1 deletions

diff --git a/keystoneclient/middleware/auth_token.py b/keystoneclient/middleware/auth_token.py
index 7bed4fe..aeb647e 100644
--- a/keystoneclient/middleware/auth_token.py
+++ b/keystoneclient/middleware/auth_token.py
@@ -1361,7 +1361,15 @@ class AuthProtocol(object):
         return self.cms_verify(data['signed'])
 
     def _fetch_cert_file(self, cert_file_name, cert_type):
-        path = '/v2.0/certificates/' + cert_type
+        if not self.auth_version:
+            self.auth_version = self._choose_api_version()
+
+        if self.auth_version == 'v3.0':
+            if cert_type == 'signing':
+                cert_type = 'certificates'
+            path = '/v3/OS-SIMPLE-CERT/' + cert_type
+        else:
+            path = '/v2.0/certificates/' + cert_type
         response = self._http_request('GET', path)
         if response.status_code != 200:
             raise exceptions.CertificateConfigError(response.text)