Implement X.509 auth for MySQL and Heat Related-PROD: PROD-22736 Change-Id: Ie1b5741ee2b9ada88d9552d270630e76ca2f240c

commit: 60a2b87e066e7349402c87c28dd70d602d1967a1 [log] [tgz]
author: Oleksandr Shyshko <oshyshko@mirantis.com> Thu Aug 30 17:23:24 2018 +0300
committer: oshyshko <oshyshko@mirantis.com> Tue Sep 04 09:00:11 2018 +0000
tree: 65bd8e8a4ad42b304291a95a99eba422ce70c5d5
parent: 0f16e0531891a3b296963d4b7a28ce2a255b48e6 [diff] [blame]
diff --git a/README.rst b/README.rst
index 8817d0a..8ad30f3 100644
--- a/README.rst
+++ b/README.rst

@@ -249,6 +249,27 @@
           ossyslog:
             enabled: true
 
+Enable x509 and ssl communication between Heat and Galera cluster.
+---------------------
+By default communication between Heat and Galera is unsecure.
+
+You able to set custom certificates in pillar:
+server:
+  database:
+    x509:
+      enabled: True
+
+heat:
+  server:
+    database:
+      x509:
+        cacert (certificate content)
+        cert (certificate content)
+        key (certificate content)
+
+You can read more about it here:
+    https://docs.openstack.org/security-guide/databases/database-access-control.html
+
 Documentation and Bugs
 ======================
commit	60a2b87e066e7349402c87c28dd70d602d1967a1	[log] [tgz]
author	Oleksandr Shyshko <oshyshko@mirantis.com>	Thu Aug 30 17:23:24 2018 +0300
committer	oshyshko <oshyshko@mirantis.com>	Tue Sep 04 09:00:11 2018 +0000
tree	65bd8e8a4ad42b304291a95a99eba422ce70c5d5
parent	0f16e0531891a3b296963d4b7a28ce2a255b48e6 [diff] [blame]