add parameter to set the cert to verify openstack SSL connections

Change-Id: I7c52c629c6d129310230320bda9144462d051cf0
This commit is contained in:
Benedikt Trefzer 2018-07-11 18:46:24 +02:00
parent 5de818f59e
commit 1d6f500262
2 changed files with 9 additions and 0 deletions

View File

@ -190,6 +190,10 @@
# properly configured DNS which will resolve hostnames for SSL endpoints
# Horizon will connect to. (Defaults to false)
#
# [*openstack_ssl_cacert*]
# (optional) The CA certificate to use to verify SSL
# openstack connection.
#
# [*ssl_redirect*]
# (optional) Whether to redirect http to https
# Defaults to True
@ -464,6 +468,7 @@ class horizon(
$http_port = 80,
$https_port = 443,
$ssl_no_verify = false,
$openstack_ssl_cacert = '',
$ssl_redirect = true,
$horizon_cert = undef,
$horizon_key = undef,

View File

@ -337,7 +337,11 @@ OPENSTACK_SSL_NO_VERIFY = True
<% end -%>
# The CA certificate to use to verify SSL connections
<% if @openstack_ssl_cacert == '' -%>
#OPENSTACK_SSL_CACERT = '/path/to/cacert.pem'
<% else -%>
OPENSTACK_SSL_CACERT = '<%= @openstack_ssl_cacert %>'
<% end -%>
# The OPENSTACK_KEYSTONE_BACKEND settings can be used to identify the
# capabilities of the auth backend for Keystone.