* Rename --ca-file to --os-cacert (--ca-file deprecated for
backward compatibility)
* Add cacert to keystoneclient initialization to verify the
keystone server certificate
This aligns glanceclient with keystoneclient for option naming
and the use of TLS for the keystone auth connection. It does not
change the use of TLS/SSL for the glance connection.
Change-Id: If8b05655aea5f3c62612d77bf947dd790f77eddf
When using https verify that the Common Name (CN) or
the Subject Alternative Name listed in the server's
certificate match the host we are connected to.
Addresses LP bug 1079692.
Change-Id: I24ea1511a2cbdb7c34ce72ac704d7b5e7d57cec2
Use pyOpenSSL for HTTPS connections.
This allows:
* Neater loading of system CA files
* Optional disabling of SSL compression
The performance gain from disabling SSL compression is significant
in cases where the image being uploaded/downloaded is in an already
compressed format (eg qcow2).
Related to bp ssl-connect-rework.
Change-Id: I0568b6c95c5fc7b8eafdbd0284e24c453660a55a
Monty Taylor