Configure heat keystone client for SSL when keystone uses SSL When SSL is enabled in Keystone, the path to the Keystone CA file needs to be set in ca_file in the clients_keystone section. Change-Id: Ic324e09b42a96d0ba31e13f8e8042cb3ac24d0b6 Closes-Bug: 1324207

commit: fefd64b878a3e4ecfc2b1b385f47c1d7f7593648 [log] [tgz]
author: Rob Crittenden <rcritten@redhat.com> Tue May 27 22:27:15 2014 -0400
committer: Rob Crittenden <rcritten@redhat.com> Tue May 27 22:27:15 2014 -0400
tree: 142bbf2b233ae3ca9cc76a55a1591826ac9fa8c1
parent: 5069ae9eef30468bff0d610091ad7e0e17a66a4d [diff] [blame]
diff --git a/lib/heat b/lib/heat
index fe75ec9..a9f9f2a 100644
--- a/lib/heat
+++ b/lib/heat

@@ -117,6 +117,10 @@
     iniset $HEAT_CONF keystone_authtoken admin_password $SERVICE_PASSWORD
     iniset $HEAT_CONF keystone_authtoken signing_dir $HEAT_AUTH_CACHE_DIR
 
+    if is_ssl_enabled_service "key"; then
+        iniset $HEAT_CONF clients_keystone ca_file $KEYSTONE_SSL_CA
+    fi
+
     # ec2authtoken
     iniset $HEAT_CONF ec2authtoken auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0
commit	fefd64b878a3e4ecfc2b1b385f47c1d7f7593648	[log] [tgz]
author	Rob Crittenden <rcritten@redhat.com>	Tue May 27 22:27:15 2014 -0400
committer	Rob Crittenden <rcritten@redhat.com>	Tue May 27 22:27:15 2014 -0400
tree	142bbf2b233ae3ca9cc76a55a1591826ac9fa8c1
parent	5069ae9eef30468bff0d610091ad7e0e17a66a4d [diff] [blame]