Add options to support TLS certificate verification

Add --os-cacert and --verify|--insecure options using the same
sematics as the other project CLIs.  --verify is included for
completeness.

Bug: 1236608

Change-Id: I8a116d790db5aa4cb17a2207efedce7cb229eba3

1 files changed, 11 insertions, 1 deletions

diff --git a/openstackclient/common/clientmanager.py b/openstackclient/common/clientmanager.py
index 24b09beb..85f544e4 100644
--- a/openstackclient/common/clientmanager.py
+++ b/openstackclient/common/clientmanager.py
@@ -50,7 +50,7 @@ class ClientManager(object):
 
     def __init__(self, token=None, url=None, auth_url=None, project_name=None,
                  project_id=None, username=None, password=None,
-                 region_name=None, api_version=None):
+                 region_name=None, verify=True, api_version=None):
         self._token = token
         self._url = url
         self._auth_url = auth_url
@@ -62,6 +62,16 @@ class ClientManager(object):
         self._api_version = api_version
         self._service_catalog = None
 
+        # verify is the Requests-compatible form
+        self._verify = verify
+        # also store in the form used by the legacy client libs
+        self._cacert = None
+        if verify is True or verify is False:
+            self._insecure = not verify
+        else:
+            self._cacert = verify
+            self._insecure = True
+
         self.auth_ref = None
 
         if not self._url: