Currently there is no way to provide SSL configuration for Trove, so it
fails e.g. when uploading backups to a secured Swift endpoint. This
patch sets an environment variable (REQUESTS_CA_BUNDLE [1]) understood
by Requests library for Python, so all HTTPS calls done by trove-guest
service will trust the provided CAs.
For Ubuntu Xenial and Fedora a systemd drop-in sets this environment
variable for trove-guest service, so it uses Ubuntu's/Fedora's system
certificate store to validate server certificates.
For Ubuntu Trusty the upstart script is modified to build and use a
bundle file from certificates in /usr/local/share/ca-certificates,
because Requests library doesn't support CA directories in such old
Python versions.
On Ubuntu systems the custom certificates are taken from
/usr/local/share/ca-certificates; please use PEM format, .crt extension
and call update-ca-certificates.
On Fedora systems custom certificates can be put in
/usr/share/pki/ca-trust-source/anchors; please use PEM format, .pem
extension and call update-ca-trust.
[1] http://docs.python-requests.org/en/master/user/advanced/#ssl-cert-verification
Change-Id: I0025e7c72fa2d863ae9540941956b1ab63bcc636
043ad08237