[Openstack-security] [Bug 1375857] Re: It's not possibile to pass the cacert to the swift store

Thierry Carrez thierry.carrez+lp at gmail.com
Thu Feb 5 21:57:09 UTC 2015


** Changed in: glance
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of OpenStack
Security Group, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1375857

Title:
  It's not possibile to pass the cacert to the swift store

Status in OpenStack Image Registry and Delivery Service (Glance):
  Fix Released
Status in OpenStack Glance backend store-drivers library (glance_store):
  Fix Committed

Bug description:
  The swift store device defined in the glance store doesn't allow to pass the ca cert file. When the driver creates a connection via the swift client it is not possible to pass that value. 
  That means that if we have swift running on TLS in some cases we have to set the insecure option equals to True as the client can't correctly complete the handshake as it fails on the verification of the cert.

  The fix I'd like to propose is to add a new parameter to define the ca
  cert file and pass this value when we create the connection via the
  swift client.

To manage notifications about this bug go to:
https://bugs.launchpad.net/glance/+bug/1375857/+subscriptions




More information about the Openstack-security mailing list