创建私有仓库配置目录
mkdir -p /opt/docker/registry/config/ && cd /opt/docker/registry/config/
生成自签名证书
修改配置文件openssl.cnf
# 一般情况下,证书只支持域名访问,要使其支持IP地址访问,需要修改配置文件openssl.cnf。
# 在Redhat7、CentOS系统中,文件所在位置是/etc/pki/tls/openssl.cnf。在其中的[ v3_ca]部分,添加subjectAltName选项:
[ v3_ca ]
subjectAltName = IP:192.168.238.104
生成证书
openssl req -x509 -days 36500 -nodes -newkey rsa:2048 \
-keyout /opt/docker/registry/config/domain.key \
-out /opt/docker/registry/config/domain.crt
Country Name (2 letter code) [XX]:
State or Province Name (full name) []:
Locality Name (eg, city) [Default City]:
Organization Name (eg, company) [Default Company Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:192.168.238.104:5000
Email Address []:
添加信任证书
<