Fix comment for the ca_certificates_file opt

The directive [certificates]/ca_certificates_file currently has a
confusing comment. This tries to fix it and make it more easy for
Octavia operators to configure the directive.

Change-Id: I99ce408ec886820c056b69696b26be9521740f1c
(cherry picked from commit ee0da827b1)
(cherry picked from commit 20db85fd52)
(cherry picked from commit d69d066606)

etc/octavia.conf

@@ -146,13 +146,21 @@
 # cert_manager = barbican_cert_manager
 # For Barbican authentication (if using any Barbican based cert class)
 # barbican_auth = barbican_acl_auth
-#
-# Region in Identity service catalog to use for communication with the Barbican service.
+
+# Settings for the key manager endpoint (such as Barbican)
+
+# Region in Identity service catalog to use for communication with the key manager service.
 # region_name =
-#
-# Endpoint type to use for communication with the Barbican service.
+
+# Endpoint type to use for communication with the key manager service.
 # endpoint_type = publicURL
 
+# CA certificates file to verify key manager connections when TLS is enabled
+# ca_certificates_file =
+
+# Disable certificate validation on SSL connections
+# insecure = False
+
 [compute]
 # The maximum attempts to retry an action with the compute service.
 # max_retries = 15

octavia/common/config.py

@@ -581,7 +581,8 @@ certificate_opts = [
                default='publicURL',
                help='The endpoint_type to be used for barbican service.'),
     cfg.StrOpt('ca_certificates_file',
-               help=_('CA certificates file path')),
+               help=_('CA certificates file path for the key manager service '
+                      '(such as Barbican).')),
     cfg.BoolOpt('insecure',
                 default=False,
                 help=_('Disable certificate validation on SSL connections ')),