Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow verify a self signed CA #73

Closed
falon opened this issue Jan 3, 2024 · 3 comments
Closed

Allow verify a self signed CA #73

falon opened this issue Jan 3, 2024 · 3 comments

Comments

@falon
Copy link

falon commented Jan 3, 2024

I have installed a registry with a self signed CA.
In order to trust my CA authority I added my CA certificate to /usr/local/share/ca-certificates by volume. But this is not sufficient. It seems I have to add it in /etc/ssl/certs/ca-certificates.crt too.

A procedure to add CA certificate in registry-ui would be appreciated.
@roman-vynar
Copy link
Contributor

When you add a cert to /usr/local/share/ca-certificates you need to run update-ca-certificates inside of the container which is impossible unless you build an image by yourself.

The easiest way is to mount your CA cert to the container into /etc/ssl/certs/ca-certificates.crt.

@falon
Copy link
Author

falon commented Jan 3, 2024

The easiest way is to mount your CA cert to the container into /etc/ssl/certs/ca-certificates.crt.

Yes, as it's written in the README. Not very elegant, I overwrite all other certificates... but it works!
Thank you!

@falon falon closed this as completed Jan 3, 2024
@roman-vynar
Copy link
Contributor

It's okay to overwrite all other certs in this case because the registry ui is not connecting anywhere else but your own registry.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@falon @roman-vynar