This repository was archived by the owner on Apr 17, 2023. It is now read-only.

Works with self signed but does not work with internal CA #2050

@joaoelvas

Description

I've set it all up on my local machine with a self-signed certificate, then I set it up on my corporate server with a self-signed certificate, and it worked again. Then I changed the certificate to a new certificate signed by our internal CA; now I can connect to Portus, and I can log in to the registry, but I get an SSLError when linking Portus to the registry.

Steps to reproduce

  1. Set FCDN and nginx (I used a URL that is correctly resolved on our internal DNS)
  2. Copy all certificates to /etc/docker/cert.d/{server url}:5000 (rootCA.crt, intemediateCA.crt, and portus.crt)
  3. docker-compose up
  4. go to {server url} on the browser (from my local machine) shows as secure
  5. create admin
  6. set hostname to {server url}:5000
    7.1. Browser:
    OpenSSL::SSL::SSLError: could not stablish connection: SSL error You can skip this check by clicking on the "Skip remote checks" checkbox.
    7.2. Terminal logs:
    registry_1_5868aac66eee | 2018/12/06 15:41:49 http: TLS handshake error from 172.18.0.1:54660: remote error: tls: unknown certificate authority
    portus_1_514c193677b4 | OpenSSL::SSL::SSLError: could not stablish connection: SSL error
  • Expected behavior: I expected Portus to connect with the registry like with a self-signed certificate
  • Actual behavior: OpenSSL::SSL::SSLError

Deployment information

I have an offline rootCA that signs 2 IntermediateCAs that are online; all these certificates are on the server, both on the OS and in the docker cert.d folder. I need this certificate to work, otherwise I will not be able to get images from the registry in the production environment.
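
Added example, not part of the original issue or of the Portus project: in the registry log above, `remote error: tls: unknown certificate authority` is an alert sent by the connecting client, meaning that client rejected the chain it was shown. The issue does not identify the cause; this script only shows one way a three-tier chain like the one described (root, intermediate, leaf) can pass or fail verification depending on whether the verifier has the intermediate. All keys and certificates are constructed throwaway files in a temp directory, named after the files listed in the steps.

```shell
#!/usr/bin/env bash
# Added example: constructed throwaway chain rootCA -> intermediateCA -> portus.
WORK=$(mktemp -d)

# Minimal config so nothing depends on the system openssl.cnf.
cat > "$WORK/min.cnf" <<'EOF'
[req]
distinguished_name = dn
prompt = no
[dn]
CN = placeholder
[ca_ext]
basicConstraints = critical,CA:TRUE
EOF

new_csr() {  # $1 = file stem and CN (hypothetical helper)
  openssl req -new -newkey rsa:2048 -nodes -config "$WORK/min.cnf" -subj "/CN=$1" \
    -keyout "$WORK/$1.key" -out "$WORK/$1.csr" 2>/dev/null
}

build_chain() {
  new_csr rootCA && new_csr intermediateCA && new_csr portus || return 1
  # Self-signed root, marked as a CA.
  openssl x509 -req -in "$WORK/rootCA.csr" -signkey "$WORK/rootCA.key" -days 1 \
    -extfile "$WORK/min.cnf" -extensions ca_ext -out "$WORK/rootCA.crt" 2>/dev/null || return 1
  # Intermediate signed by the root, also marked as a CA.
  openssl x509 -req -in "$WORK/intermediateCA.csr" -CA "$WORK/rootCA.crt" \
    -CAkey "$WORK/rootCA.key" -CAcreateserial -days 1 \
    -extfile "$WORK/min.cnf" -extensions ca_ext -out "$WORK/intermediateCA.crt" 2>/dev/null || return 1
  # Leaf signed by the intermediate.
  openssl x509 -req -in "$WORK/portus.csr" -CA "$WORK/intermediateCA.crt" \
    -CAkey "$WORK/intermediateCA.key" -CAcreateserial -days 1 \
    -out "$WORK/portus.crt" 2>/dev/null
}

# Verifier that trusts only the root and is not handed the intermediate.
verify_root_only() {
  openssl verify -CAfile "$WORK/rootCA.crt" "$WORK/portus.crt" >/dev/null 2>&1
}
# Same trust anchor, but the intermediate is supplied alongside the leaf.
verify_with_intermediate() {
  openssl verify -CAfile "$WORK/rootCA.crt" -untrusted "$WORK/intermediateCA.crt" \
    "$WORK/portus.crt" >/dev/null 2>&1
}

build_chain || echo "chain generation failed" >&2
verify_root_only && echo "root only: verified" || echo "root only: rejected"
verify_with_intermediate && echo "root + intermediate: verified" || echo "root + intermediate: rejected"
```

Against real files, the same two `openssl verify` calls can be pointed at the deployed root, intermediate and server certificates to see which combination a client needs.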
