fix: use cacert for self-signed or custom ca
diff --git a/roles/openstack_cli/templates/openrc.j2 b/roles/openstack_cli/templates/openrc.j2
index ba230f4..188fb81 100644
--- a/roles/openstack_cli/templates/openrc.j2
+++ b/roles/openstack_cli/templates/openrc.j2
@@ -10,3 +10,7 @@
export OS_PASSWORD="{{ openstack_helm_endpoints['identity']['auth']['admin']['password'] }}"
export OS_PROJECT_DOMAIN_NAME=Default
export OS_PROJECT_NAME=admin
+
+{% if cluster_issuer_type is defined and cluster_issuer_type in ('self-signed', 'ca') %}
+export OS_CACERT=/usr/local/share/ca-certificates/atmosphere.crt
+{% endif %}
diff --git a/roles/openstacksdk/templates/clouds.yaml.j2 b/roles/openstacksdk/templates/clouds.yaml.j2
index 53fb9d2..19c3fcd 100644
--- a/roles/openstacksdk/templates/clouds.yaml.j2
+++ b/roles/openstacksdk/templates/clouds.yaml.j2
@@ -8,3 +8,6 @@
user_domain_name: Default
project_domain_name: Default
region_name: "{{ openstack_helm_endpoints['identity']['auth']['admin']['region_name'] }}"
+{% if cluster_issuer_type is defined and cluster_issuer_type in ('self-signed', 'ca') %}
+ cacert: /usr/local/share/ca-certificates/atmosphere.crt
+{% endif %}