Remember bug 1353315? The auth_token middleware would set not verify the server cert when insecure=false in api-paste.ini because it passes the value as a string rather than a Boolean. Turns out he s3_token middleware has the same code.
conf is a dict of strings, so if you set insecure=false, then insecure here gets set to "false", which evaluates to True since it's not a zero-length string.
Remember bug 1353315? The auth_token middleware would set not verify the server cert when insecure=false in api-paste.ini because it passes the value as a string rather than a Boolean. Turns out he s3_token middleware has the same code.
http:// git.openstack. org/cgit/ openstack/ keystonemiddlew are/tree/ keystonemiddlew are/s3_ token.py# n119
insecure = conf.get( 'insecure' , False)
if insecure:
self._verify = False
conf is a dict of strings, so if you set insecure=false, then insecure here gets set to "false", which evaluates to True since it's not a zero-length string.