Add more default CA paths

Added the default CA path for Mac OSX as well as the bundled
CA pem that comes with the requests module.

Change-Id: Icb202e04de48b75c43b5ce183e55d2e9e44f72b4
Closes-Bug: #1266581

heatclient/common/http.py

@@ -34,15 +34,19 @@ CHUNKSIZE = 1024 * 64  # 64kB
 def get_system_ca_file():
     """Return path to system default CA file."""
     # Standard CA file locations for Debian/Ubuntu, RedHat/Fedora,
-    # Suse, FreeBSD/OpenBSD
+    # Suse, FreeBSD/OpenBSD, MacOSX, and the bundled ca
     ca_path = ['/etc/ssl/certs/ca-certificates.crt',
                '/etc/pki/tls/certs/ca-bundle.crt',
                '/etc/ssl/ca-bundle.pem',
-               '/etc/ssl/cert.pem']
+               '/etc/ssl/cert.pem',
+               '/System/Library/OpenSSL/certs/cacert.pem',
+               requests.certs.where()]
     for ca in ca_path:
+        LOG.debug("Looking for ca file %s", ca)
         if os.path.exists(ca):
+            LOG.debug("Using ca file %s", ca)
             return ca
-        return None
+    LOG.warn("System ca file could not be found.")
 
 
 class HTTPClient(object):