Add --os-cacert

Add support to specify a ca certificate bundle to verify
keystone TLS (https) certificates.  This only verifies
certificates on the keystone connection, swift https
connections are unchanged.

Change-Id: I14351b405af4fd3d1970ba6656c1282a5d0a1082

1 files changed, 7 insertions, 0 deletions

diff --git a/bin/swift b/bin/swift
index 3eed210..7c942f4 100755
--- a/bin/swift
+++ b/bin/swift
@@ -42,6 +42,7 @@ def get_conn(options):
                       auth_version=options.auth_version,
                       os_options=options.os_options,
                       snet=options.snet,
+                      cacert=options.os_cacert,
                       insecure=options.insecure)
 
 
@@ -1144,6 +1145,12 @@ Example:
                       default=environ.get('OS_ENDPOINT_TYPE'),
                       help='Openstack Endpoint type. ' \
                            'Defaults to env[OS_ENDPOINT_TYPE]')
+    parser.add_option('--os-cacert',
+                      metavar='<ca-certificate>',
+                      default=environ.get('OS_CACERT'),
+                      help='Specify a CA bundle file to use in verifying a '
+                      'TLS (https) server certificate. '
+                      'Defaults to env[OS_CACERT]')
     parser.add_option('--insecure',
                       action="store_true", dest="insecure", default=False,
                       help='Allow swiftclient to access insecure keystone '