Fix CA file for API client

If a custom CA file is configured via OPENSTACK_SSL_CACERT, currently communication with Keystone will fail, since the session is not created using this CA file. This change fixes the issue by passing the path to the CA file to the keystoneauth session constructor. Change-Id: Iad1bdea97ed649cc3c8f042dc5dd147b989dfd0e Closes-Bug: #1873736
2020-09-04 15:10:49 +01:00 · 2020-09-04 15:10:49 +01:00 · 59ee1d59a1
parent f832d82016
commit 59ee1d59a1
2 changed files with 7 additions and 1 deletions
--- a/masakaridashboard/api/api.py
+++ b/masakaridashboard/api/api.py
@ -41,7 +41,8 @@ def openstack_connection(request, version=None):
        token=request.user.token.id,
        project_name=request.user.project_name,
        project_id=request.user.tenant_id)
-    session = ks_session.Session(auth=auth)
+    cacert = getattr(settings, 'OPENSTACK_SSL_CACERT')
+    session = ks_session.Session(auth=auth, verify=cacert or True)
    conn = connection.Connection(session=session,
                                 interface=interface,
                                 ha_api_version=version)
--- a/releasenotes/notes/fix-cacert-023407ba61a4bb7a.yaml
+++ b/releasenotes/notes/fix-cacert-023407ba61a4bb7a.yaml
@ -0,0 +1,5 @@
+---
+fixes:
+  - |
+    Fixes an issue where the dashboard fails to load if communication with the
+    API requires a custom CA certificate.