diff --git a/ansible/roles/cinder/templates/cinder.conf.j2 b/ansible/roles/cinder/templates/cinder.conf.j2 index 7cc75926fd..2066c4db92 100644 --- a/ansible/roles/cinder/templates/cinder.conf.j2 +++ b/ansible/roles/cinder/templates/cinder.conf.j2 @@ -206,6 +206,8 @@ connection_string = {{ osprofiler_backend_connection_string }} {% if enable_barbican | bool %} [barbican] auth_endpoint = {{ keystone_internal_url }} +barbican_endpoint_type = internal +verify_ssl_path = {{ openstack_cacert }} {% endif %} [coordination] diff --git a/ansible/roles/glance/templates/glance-api.conf.j2 b/ansible/roles/glance/templates/glance-api.conf.j2 index 2964503029..50a47bf28c 100644 --- a/ansible/roles/glance/templates/glance-api.conf.j2 +++ b/ansible/roles/glance/templates/glance-api.conf.j2 @@ -124,3 +124,10 @@ trace_sqlalchemy = true hmac_keys = {{ osprofiler_secret }} connection_string = {{ osprofiler_backend_connection_string }} {% endif %} + +{% if enable_barbican | bool %} +[barbican] +auth_endpoint = {{ keystone_internal_url }} +barbican_endpoint_type = internal +verify_ssl_path = {{ openstack_cacert }} +{% endif %} diff --git a/ansible/roles/nova/templates/nova.conf.j2 b/ansible/roles/nova/templates/nova.conf.j2 index 447a5c0aa6..16ef6db36e 100644 --- a/ansible/roles/nova/templates/nova.conf.j2 +++ b/ansible/roles/nova/templates/nova.conf.j2 @@ -196,5 +196,6 @@ connection_string = {{ osprofiler_backend_connection_string }} {% if enable_barbican | bool %} [barbican] auth_endpoint = {{ keystone_internal_url }} -cafile = {{ openstack_cacert }} +barbican_endpoint_type = internal +verify_ssl_path = {{ openstack_cacert }} {% endif %} diff --git a/releasenotes/notes/bug-1886615-640e817dfdb93b8a.yaml b/releasenotes/notes/bug-1886615-640e817dfdb93b8a.yaml new file mode 100644 index 0000000000..2b1436f15e --- /dev/null +++ b/releasenotes/notes/bug-1886615-640e817dfdb93b8a.yaml @@ -0,0 +1,5 @@ +--- +fixes: + - | + Fix Castellan (Barbican client) when used with enabled TLS. + `LP#1886615 `__