Implement X.509 auth between Rabbitmq and Designate Change-Id: Ibda946b558cd2a7c4f5fbcb17a7919d250bc33ff Related-Prod: PROD-22758

commit: b988699b38aa16c7b748d436a9d9d6358236ef81 [log] [tgz]
author: Oleksandr Shyshko <oshyshko@mirantis.com> Fri Sep 21 12:44:35 2018 +0300
committer: Oleksandr Shyshko <oshyshko@mirantis.com> Fri Sep 21 12:45:19 2018 +0300
tree: a8b6a6a1e3ee9292878ec7ca6b31a7faff6b7d9c
parent: bf1664e03d07c098c20ae8bdef7e143b91df763e [diff] [blame]
diff --git a/README.rst b/README.rst
index 77e1f3c..b334c4e 100644
--- a/README.rst
+++ b/README.rst

@@ -226,6 +226,33 @@
 You can read more about it here:
     https://docs.openstack.org/security-guide/databases/database-access-control.html
 
+Enable x509 and ssl communication between Designate and Rabbitmq.
+---------------------
+By default communication between Designate and Rabbitmq is unsecure.
+
+.. code-block:: yaml
+
+designate:
+  server:
+    message_queue:
+      x509:
+        enabled: True
+
+You able to set custom certificates in pillar:
+
+.. code-block:: yaml
+
+designate:
+  server:
+    message_queue:
+      x509:
+        cacert: (certificate content)
+        cert: (certificate content)
+        key: (certificate content)
+
+You can read more about it here:
+    https://docs.openstack.org/security-guide/messaging/security.html
+
 Documentation and Bugs
 ======================
commit	b988699b38aa16c7b748d436a9d9d6358236ef81	[log] [tgz]
author	Oleksandr Shyshko <oshyshko@mirantis.com>	Fri Sep 21 12:44:35 2018 +0300
committer	Oleksandr Shyshko <oshyshko@mirantis.com>	Fri Sep 21 12:45:19 2018 +0300
tree	a8b6a6a1e3ee9292878ec7ca6b31a7faff6b7d9c
parent	bf1664e03d07c098c20ae8bdef7e143b91df763e [diff] [blame]