Custom CA certificate for verifying SSL connections
The various OpenStack client libaries support specifying a SSL certificate that should be used to verify the SSL-connection, but this option was not exposed in the horizon options. This patch implements that. Note that although some clients do implement a cacert-parameter, they do not necessarily actually verify the certificate (Swift). Change-Id: I9dfbd48a0d96103421da7d884e839d591a90cab1 Implements: blueprint ssl-cacert
This commit is contained in:
parent
7054359d95
commit
a91d963d0c
|
@ -32,12 +32,14 @@ def format_parameters(params):
|
|||
def heatclient(request, password=None):
|
||||
api_version = "1"
|
||||
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
|
||||
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
|
||||
endpoint = base.url_for(request, 'orchestration')
|
||||
LOG.debug('heatclient connection created using token "%s" and url "%s"' %
|
||||
(request.user.token.id, endpoint))
|
||||
kwargs = {
|
||||
'token': request.user.token.id,
|
||||
'insecure': insecure,
|
||||
'ca_file': cacert,
|
||||
'username': request.user.username,
|
||||
'password': password
|
||||
#'timeout': args.timeout,
|
||||
|
|
|
@ -334,6 +334,7 @@ class APITestCase(TestCase):
|
|||
None,
|
||||
preauthtoken=mox.IgnoreArg(),
|
||||
preauthurl=mox.IgnoreArg(),
|
||||
cacert=None,
|
||||
auth_version="2.0") \
|
||||
.AndReturn(self.swiftclient)
|
||||
expected_calls -= 1
|
||||
|
|
Loading…
Reference in New Issue