Install Registry

Create CA

cd /etc/pki/CA
mkdir certs crl newcerts private
chmod 700 private
touch index.txt
echo 1000 > serial
openssl req -x509 -days 3650 -nodes -newkey rsa:2048 -keyout /etc/pki/CA/private/ca.key.pem
 -out /etc/pki/CA/certs/ca.cert.pem
chmod 400 /etc/pki/CA/private/ca.key.pem

Add Trusted CA Certificate

if following error occurred, please execute the following commands to add trusted CA certificate
![](/assets/CATrustedError.JPG)

cp ca.cert.pem /etc/pki/ca-trust/source/anchors/
update-ca-trust force-enable
update-ca-trust extract
systemctl restart docker

Failed to launch container: Failed to perform 'curl': curl: (60) SSL certificate problem: self signed certificate More details here: https://curl.haxx.se/docs/sslcerts.html curl failed to verify the legitimacy of the server and therefore could not establish a secure connection to it. To learn more about this situation and how to fix it, please visit the web page mentioned above.

mkdir -p /var/lib/dcos/pki/tls/certs
cp /etc/docker/certs.d/registry.marathon.mesos\:5000/ca.cert.pem /var/lib/dcos/pki/tls/certs
cd /var/lib/dcos/pki/tls/certs/
for file in *.pem; do ln -s "$file" "$(openssl x509 -hash -noout -in "$file")".0; done

PreviousKVM NextUpgrade DC/OS

Last updated 5 years ago

Was this helpful?