diff --git a/doc/source/configuring.rst b/doc/source/configuring.rst
index 8e75aa8bf9..c08391344d 100644
--- a/doc/source/configuring.rst
+++ b/doc/source/configuring.rst
@@ -689,6 +689,15 @@ Can only be specified in configuration files.
 
 `This option is specific to the Swift storage backend.`
 
+* ``swift_store_cacert``
+
+Can only be specified in configuration files.
+
+Optional. Default: ``None``
+
+A string giving the path to a CA certificate bundle that will allow Glance's
+services to perform SSL verification when communicating with Swift.
+
 Optional. Default: True.
 
 If set to False, disables SSL layer compression of https swift
diff --git a/etc/glance-api.conf b/etc/glance-api.conf
index f00c8b8fcb..8e8008fef8 100644
--- a/etc/glance-api.conf
+++ b/etc/glance-api.conf
@@ -600,6 +600,10 @@ swift_enable_snet = False
 # Bypass SSL verification for Swift
 #swift_store_auth_insecure = False
 
+# The path to a CA certificate bundle file to use for SSL verification when
+# communicating with Swift.
+#swift_store_cacert =
+
 # ============ S3 Store Options =============================
 
 # Address where the S3 authentication service lives
diff --git a/etc/glance-cache.conf b/etc/glance-cache.conf
index a269138937..ec5117f579 100644
--- a/etc/glance-cache.conf
+++ b/etc/glance-cache.conf
@@ -102,6 +102,10 @@ swift_store_large_object_chunk_size = 200
 # Ex. https://example.com/v1.0/ -> https://snet-example.com/v1.0/
 swift_enable_snet = False
 
+# The path to a CA certificate bundle file to use for SSL verification when
+# communicating with Swift.
+#swift_store_cacert =
+
 # ============ S3 Store Options =============================
 
 # Address where the S3 authentication service lives