Browse code
Merge "Do not set OS_CACERT if there is no CA cert"
Jenkins authored on 2015/05/22 08:28:28Showing 1 changed files
| ... | ... |
@@ -78,8 +78,14 @@ export OS_IDENTITY_API_VERSION=${IDENTITY_API_VERSION:-2.0}
|
| 78 | 78 |
# |
| 79 | 79 |
export OS_AUTH_URL=$KEYSTONE_AUTH_PROTOCOL://$KEYSTONE_AUTH_HOST:5000/v${OS_IDENTITY_API_VERSION}
|
| 80 | 80 |
|
| 81 |
-# Set the pointer to our CA certificate chain. Harmless if TLS is not used. |
|
| 82 |
-export OS_CACERT=${OS_CACERT:-$INT_CA_DIR/ca-chain.pem}
|
|
| 81 |
+# Set OS_CACERT to a default CA certificate chain if it exists. |
|
| 82 |
+if [[ ! -v OS_CACERT ]] ; then |
|
| 83 |
+ DEFAULT_OS_CACERT=$INT_CA_DIR/ca-chain.pem |
|
| 84 |
+ # If the file does not exist, this may confuse preflight sanity checks |
|
| 85 |
+ if [ -e $DEFAULT_OS_CACERT ] ; then |
|
| 86 |
+ export OS_CACERT=$DEFAULT_OS_CACERT |
|
| 87 |
+ fi |
|
| 88 |
+fi |
|
| 83 | 89 |
|
| 84 | 90 |
# Currently novaclient needs you to specify the *compute api* version. This |
| 85 | 91 |
# needs to match the config of your catalog returned by Keystone. |