From 9e3e7e4b163d7fc68fc99e4b296ea686d6d48f6c Mon Sep 17 00:00:00 2001
From: Ralf Haferkamp <rhafer@suse.de>
Date: Thu, 2 Jul 2015 08:37:45 +0200
Subject: [PATCH] Add --insecure flag to openstack command when using
 self-signed certificates

---
 chef/cookbooks/keystone/recipes/server.rb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/chef/cookbooks/keystone/recipes/server.rb b/chef/cookbooks/keystone/recipes/server.rb
index 3af9d6f8b6..26b68b7342 100644
--- a/chef/cookbooks/keystone/recipes/server.rb
+++ b/chef/cookbooks/keystone/recipes/server.rb
@@ -503,6 +503,8 @@
   openstack_command <<  " --os-identity-api-version #{node[:keystone][:api][:version]} --os-project-domain-id default --os-user-domain-id default"
 end
 
+openstack_command << " --insecure" if keystone_insecure
+
 [:admin, :service, :default].each do |tenant_type|
   tenant = node[:keystone][tenant_type][:tenant]