9cd95366a0
Allow setting options in designate section to specify if want to skip SSL cert check. This makes it possible to work with HTTPS based endpoints, the default behavior of keystoneclient is to always set verify=True however in current code, one cannot either provide a valid CA cert or skip the verification. DocImpact: Introduce two additional options for `[designate]` section in neutron.conf CONF.designate.insecure to allow insecure connections over SSL. CONF.designate.ca_cert for a valid cert when connecting over SSL Change-Id: Ic371cc11d783618c38ee40a18206b0c2a197bb3e Closes-Bug: #1588067
17 lines
708 B
YAML
17 lines
708 B
YAML
---
|
|
prelude: >
|
|
Add options to designate external dns driver
|
|
of neutron for SSL based connections. This makes
|
|
it possible to use neutron with designate in scenario
|
|
where endpoints are SSL based. Users can specify to
|
|
skip cert validation or specify path to a valid cert
|
|
in [designate] section of neutron.conf file.
|
|
features:
|
|
- Two new options are added to `[designate]` section to
|
|
support SSL.
|
|
- First option `insecure` allows to skip SSL validation
|
|
when creating a keystone session to initate a designate client.
|
|
Default value is False, which means to always verify connection.
|
|
- Second option `ca_cert` allows setting path to a valid cert file.
|
|
Default is None.
|