Hide Forgot
Document URL: https://docs.openshift.com/container-platform/3.3/install_config/registry/securing_and_exposing_registry.html#securing-the-registry Section Number and Name: "Securing the Registry" Describe the issue: Documentation is incomplete and will not work without two (2) additional steps: cp /etc/origin/master/ca.crt /etc/pki/ca-trust/source/anchors/myregistrydomain.com.crt update-ca-trust The OS needs to know and trust the certificate in addition to Docker. Otherwise you get a certificate 'unknown authority' error. I found this information at https://docs.docker.com/registry/insecure/. Suggestions for improvement: Additional information:
Work in progress: https://github.com/openshift/openshift-docs/pull/4791
The PR is not in merge status, and there are some comment have not be resolved, is that the last version?
I applied the latest changes based on my team's feedback, so the PR is now fully up to date. As part of our docs workflow, we are not supposed to merge docs until they are reviewed by QE. Once QE verifies the docs, we merge. Thanks!
LGTM, thx
Commits pushed to master at https://github.com/openshift/openshift-docs https://github.com/openshift/openshift-docs/commit/2a9b196e5866b728ba86bd561a7292c6dbd8f8be Bug 1402551, added steps about trusting the certificate https://github.com/openshift/openshift-docs/commit/5434e068248e5dd11b6aadc6cb324239c42f4378 Merge pull request #4791 from ahardin-rh/BZ1402551 Bug 1402551, added steps about trusting the certificate
This has been published for 3.5, while I am waiting on updates for 3.4 and 3.3.
Content is now published: https://access.redhat.com/documentation/en-us/openshift_container_platform/3.5/html/installation_and_configuration/setting-up-the-registry#securing-the-registry https://access.redhat.com/documentation/en-us/openshift_container_platform/3.4/html/installation_and_configuration/setting-up-the-registry#securing-the-registry https://access.redhat.com/documentation/en-us/openshift_container_platform/3.3/html/installation_and_configuration/setting-up-the-registry#securing-the-registry