I'm trying to use mTLS client certs with a Docker registry. I deployed the standard registry from the Docker docs on port 5000, and an external nginx with mTLS on port 443. Nginx checks the client cert and proxies traffic to the registry container on port 5000. With curl it works fine.

curl -k --key ssl/client.key --cert ssl/client.crt https://localhost/v2/ 
{"errors":[{"code":"UNAUTHORIZED","message":"authentication required","detail":null}]}

I put the client certificates in /etc/docker/certs.d/localhost.

But I can't tell docker to login and pull from httpS://localhost. For example:

docker login --username a --password b localhost:443         
Error response from daemon: login attempt to http://localhost:443/v2/ failed with status: 400 Bad Request

It makes an http request, not httpS. docker pull does this too.

How do I force https auth with docker login and force an https connection with docker pull?

I tried forcing the protocol explicitly:

docker login --username a --password b https://localhost:443
Error response from daemon: login attempt to **http**://localhost:443/v2/ failed with status: 400 Bad Request

I tried to add localhost to insecure registries:

/etc/docker/daemon.json  

{"insecure-registries" : [ "localhost:443" ] }

Nothing helps :(

1 Answer

{
  "insecure-registries" : [],
  "registry-mirrors": [],
  "debug": true,
  "experimental": false,
  "features": {
    "buildkit": true
  }
} 

Try to update the Docker daemon configuration.
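
An added check, not part of the original question or answer: it audits a registry directory under /etc/docker/certs.d against the file-name rules the Docker daemon applies, where `*.crt` is read as a CA certificate and a client certificate must be named `*.cert` with a matching `*.key`. The function name `audit_certs_dir` is hypothetical.

```shell
#!/bin/sh
# Added example (hypothetical helper, not from the original post).
# Audits one registry directory under /etc/docker/certs.d. The directory is
# named after the registry host[:port] as typed in docker login / docker pull.
# File-name rules used by the Docker daemon:
#   *.crt  -> CA certificate (trust root for the registry's server cert)
#   *.cert -> client certificate, needs a key with the same base name (*.key)
# Prints one finding per line; returns 0 only if a usable client pair exists.
audit_certs_dir() {
    dir=$1
    pairs=0
    if [ ! -d "$dir" ]; then
        echo "MISSING dir: $dir"
        return 2
    fi
    for f in "$dir"/*; do
        [ -e "$f" ] || continue
        base=${f%.*}      # path without extension
        name=${f##*/}     # file name only
        stem=${base##*/}  # file name without extension
        case "$f" in
            *.cert)
                if [ -f "$base.key" ]; then
                    echo "OK client pair: $name + $stem.key"
                    pairs=$((pairs + 1))
                else
                    echo "BAD $name: no matching $stem.key"
                fi ;;
            *.crt)
                echo "CA $name: used as a trust root, not sent as a client cert"
                # A key next to a .crt usually means a misnamed client cert.
                if [ -f "$base.key" ] && [ ! -f "$base.cert" ]; then
                    echo "BAD $stem.key: paired with .crt; rename $name to $stem.cert"
                fi ;;
            *.key)
                if [ ! -f "$base.cert" ] && [ ! -f "$base.crt" ]; then
                    echo "BAD $name: key without a certificate"
                fi ;;
        esac
    done
    [ "$pairs" -gt 0 ]
}
# usage: audit_certs_dir /etc/docker/certs.d/localhost
```
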
