mirror of
https://github.com/distribution/distribution
synced 2024-11-12 05:45:51 +01:00
Self-signed certificate with Kubernetes fix
In Go 1.15 there is common name deprecation for using Common name: https://golang.google.cn/doc/go1.15#commonname This causes the self-signed cert to be rejected by some Kubernetes platforms: https://stackoverflow.com/questions/64814173/how-do-i-use-sans-with-openssl-instead-of-common-name Fix is to add this field to the cert.
This commit is contained in:
parent
96357c9616
commit
e7dc768ae5
@ -68,6 +68,7 @@ This is more secure than the insecure registry solution.
|
||||
|
||||
$ openssl req \
|
||||
-newkey rsa:4096 -nodes -sha256 -keyout certs/domain.key \
|
||||
-addext "subjectAltName = DNS:myregistry.domain.com" \
|
||||
-x509 -days 365 -out certs/domain.crt
|
||||
```
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user