From 2f0910fd6814447f3d8e281f115f5d05d356d67b Mon Sep 17 00:00:00 2001 From: Jiffin Tony Thottan Date: Mon, 19 Oct 2020 23:42:58 +0530 Subject: [PATCH] rgw: add seperate option for verify ssl for vault KMS engine Signed-off-by: Jiffin Tony Thottan (cherry picked from commit 4a93faa2eec8077edb4c35a20b6b66bc610a6e4a) Conflicts: src/common/options/rgw.yaml.in - added required changes in options.cc and legacy_config_opts.h Signed-off-by: Jiffin Tony Thottan --- src/common/legacy_config_opts.h | 1 + src/common/options.cc | 4 ++++ src/rgw/rgw_kms.cc | 2 ++ 3 files changed, 7 insertions(+) diff --git a/src/common/legacy_config_opts.h b/src/common/legacy_config_opts.h index 8e2438bf0f66c..75de330b6d1ba 100644 --- a/src/common/legacy_config_opts.h +++ b/src/common/legacy_config_opts.h @@ -1509,6 +1509,7 @@ OPTION(rgw_crypt_vault_addr, OPT_STR) // Vault server base address OPTION(rgw_crypt_vault_prefix, OPT_STR) // Optional URL prefix to Vault secret path OPTION(rgw_crypt_vault_secret_engine, OPT_STR) // kv, transit or other supported secret engines OPTION(rgw_crypt_vault_namespace, OPT_STR) // Vault Namespace (only availabe in Vault Enterprise Version) +OPTION(rgw_crypt_vault_verify_ssl, OPT_BOOL) // should we try to verify vault's ssl OPTION(rgw_crypt_kmip_addr, OPT_STR) // kmip server address OPTION(rgw_crypt_kmip_ca_path, OPT_STR) // ca for kmip servers diff --git a/src/common/options.cc b/src/common/options.cc index 96eabd2d94eea..bd6f3e6d74535 100644 --- a/src/common/options.cc +++ b/src/common/options.cc @@ -7175,6 +7175,10 @@ std::vector