Custom CA certificate for verifying SSL connections

The various OpenStack client libaries support specifying a SSL
certificate that should be used to verify the SSL-connection, but
this option was not exposed in the horizon options. This patch
implements that. Note that although some clients do implement a
cacert-parameter, they do not necessarily actually verify the
certificate (Swift).

Change-Id: I9dfbd48a0d96103421da7d884e839d591a90cab1
Implements: blueprint ssl-cacert
This commit is contained in:
Jasper Capel 2013-08-28 13:21:19 +02:00
parent 7054359d95
commit a91d963d0c
2 changed files with 3 additions and 0 deletions

View File

@ -32,12 +32,14 @@ def format_parameters(params):
def heatclient(request, password=None):
api_version = "1"
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
endpoint = base.url_for(request, 'orchestration')
LOG.debug('heatclient connection created using token "%s" and url "%s"' %
(request.user.token.id, endpoint))
kwargs = {
'token': request.user.token.id,
'insecure': insecure,
'ca_file': cacert,
'username': request.user.username,
'password': password
#'timeout': args.timeout,

View File

@ -334,6 +334,7 @@ class APITestCase(TestCase):
None,
preauthtoken=mox.IgnoreArg(),
preauthurl=mox.IgnoreArg(),
cacert=None,
auth_version="2.0") \
.AndReturn(self.swiftclient)
expected_calls -= 1