From ca014eba80f61c934238584915922ba5cc3a48ac Mon Sep 17 00:00:00 2001
From: David Lyle <david.lyle@hp.com>
Date: Wed, 13 Nov 2013 16:59:29 -0700
Subject: [PATCH] Documenting OPENSTACK_SSL_CACERT

Partial-bug: #1221115

Change-Id: I0aa0ed1d871cd72fe3375ec8afdf0588073a382f
---
 doc/source/topics/settings.rst | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/doc/source/topics/settings.rst b/doc/source/topics/settings.rst
index 3341f3908b..7d71be9534 100644
--- a/doc/source/topics/settings.rst
+++ b/doc/source/topics/settings.rst
@@ -189,6 +189,18 @@ Default: ``False``
 Disable SSL certificate checks in the OpenStack clients (useful for self-signed
 certificates).
 
+``OPENSTACK_SSL_CACERT``
+------------------------
+
+Default: ``None``
+
+When unset or set to ``None`` the default CA certificate on the system is used
+for SSL verification.
+
+When set with the path to a custom CA certificate file, this overrides use of
+the default system CA certificate. This custom certificate is used to verify all
+connections to openstack services when making API calls.
+
 ``OPENSTACK_KEYSTONE_BACKEND``
 ------------------------------