From 4a78e854266e83f0a074e2447ce2837ee37393c5 Mon Sep 17 00:00:00 2001
From: Ian Cordasco <ian.cordasco@rackspace.com>
Date: Mon, 5 Jan 2015 17:54:03 -0600
Subject: [PATCH] Add swift_store_cacert to config files and docs

Change I5b356170ec82d033204e22f79c862201400a0a31 introduced a new
swift_store configuration option. Prior to accepting that, it was
determined that we needed to add it to the relevant configuration files
and document the option.

DocImpact

Closes-bug: 1375857
Change-Id: I4cbfae3c1ac84d6c85875d34a58dd2a87ae85d6f
---
 doc/source/configuring.rst | 9 +++++++++
 etc/glance-api.conf        | 4 ++++
 etc/glance-cache.conf      | 4 ++++
 3 files changed, 17 insertions(+)

diff --git a/doc/source/configuring.rst b/doc/source/configuring.rst
index 8e75aa8bf9..c08391344d 100644
--- a/doc/source/configuring.rst
+++ b/doc/source/configuring.rst
@@ -689,6 +689,15 @@ Can only be specified in configuration files.
 
 `This option is specific to the Swift storage backend.`
 
+* ``swift_store_cacert``
+
+Can only be specified in configuration files.
+
+Optional. Default: ``None``
+
+A string giving the path to a CA certificate bundle that will allow Glance's
+services to perform SSL verification when communicating with Swift.
+
 Optional. Default: True.
 
 If set to False, disables SSL layer compression of https swift
diff --git a/etc/glance-api.conf b/etc/glance-api.conf
index f00c8b8fcb..8e8008fef8 100644
--- a/etc/glance-api.conf
+++ b/etc/glance-api.conf
@@ -600,6 +600,10 @@ swift_enable_snet = False
 # Bypass SSL verification for Swift
 #swift_store_auth_insecure = False
 
+# The path to a CA certificate bundle file to use for SSL verification when
+# communicating with Swift.
+#swift_store_cacert =
+
 # ============ S3 Store Options =============================
 
 # Address where the S3 authentication service lives
diff --git a/etc/glance-cache.conf b/etc/glance-cache.conf
index a269138937..ec5117f579 100644
--- a/etc/glance-cache.conf
+++ b/etc/glance-cache.conf
@@ -102,6 +102,10 @@ swift_store_large_object_chunk_size = 200
 # Ex. https://example.com/v1.0/ -> https://snet-example.com/v1.0/
 swift_enable_snet = False
 
+# The path to a CA certificate bundle file to use for SSL verification when
+# communicating with Swift.
+#swift_store_cacert =
+
 # ============ S3 Store Options =============================
 
 # Address where the S3 authentication service lives