diff options
author | Pavlo Shchelokovskyy <shchelokovskyy@gmail.com> | 2019-03-18 18:29:45 +0000 |
---|---|---|
committer | Pavlo Shchelokovskyy <pshchelokovskyy@mirantis.com> | 2020-01-14 07:25:29 +0000 |
commit | ee2a3d3032408ff3d12beafd6ae84d75b33f479f (patch) | |
tree | 21f09d163416a59e7d4a50237d608a44f2f3b65f /releasenotes | |
parent | 8d6a9ce190d31daecc7e31fdebd400611b0858c8 (diff) | |
download | glance_store-ee2a3d3032408ff3d12beafd6ae84d75b33f479f.tar.gz |
Re-use swift_store_cacert for Keystone session
pass configured cacert for Swift to the keystoneauth's Session
as well so that the swift endpoint can be resolved from the catalog
when a custom CA bundle is used.
Change-Id: I439f6b5af34c685f72c9b4933c7eb0c77cc92e14
Closes-Bug: #1820817
Diffstat (limited to 'releasenotes')
-rw-r--r-- | releasenotes/notes/bug-1820817-0ee70781918d232e.yaml | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/releasenotes/notes/bug-1820817-0ee70781918d232e.yaml b/releasenotes/notes/bug-1820817-0ee70781918d232e.yaml new file mode 100644 index 0000000..6b78ea1 --- /dev/null +++ b/releasenotes/notes/bug-1820817-0ee70781918d232e.yaml @@ -0,0 +1,11 @@ +--- +fixes: + - | + Swift backend now can use custom CA bundle to verify SSL connection to + Keystone without adding this bundle to global system ones. + For this it re-uses the CA bundle specified as ``swift_store_cacert`` + config option, so this bundle must verify both certificates of Swift and + Keysotne API endpoints. + + For more details see + [`bug 1820817 <https://bugs.launchpad.net/glance-store/+bug/1820817>`_]. |