Support of custom CA to verify S3 HTTPS endpoint

Bug #1936217 reported by Nobuto Murata
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Glance Charm
New
Undecided
Unassigned

Bug Description

Now we can use an external S3 backend for Glance as follows:
https://opendev.org/openstack/charm-glance#external-s3

However, when the S3 compatible storage's HTTPS endpoint is signed by a custom CA and if it's not the same custom CA with other OpenStack endpoints, then Glance will fail to connect to the storage with cert verification error.

An additional option to specify the custom CA for the S3 endpoint is required to support that scenario like other charms:
https://jaas.ai/gnocchi#charm-config-trusted-external-ca-cert
https://jaas.ai/u/openstack-charmers/trilio-data-mover#charm-config-tv-s3-ssl-cert

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.