Docker Registry: Easy-rsa renders bad certificate
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Docker Registry Charm |
Invalid
|
Medium
|
Kevin W Monroe |
Bug Description
Running latest stable charms with k8s 1.16.
Following: https:/
When I deploy Containerd + Docker Registry + Easyrsa, if I run "ctr pull" command, it will return "bad certificate", as below:
ctr: failed to resolve reference "image-
Certificate in itself seems to be valid. However, if I try to wget the link above, wget will also throw openssl errors with bad certificate:
$ wget --no-check-
--2020-03-10 20:51:16-- https:/
Resolving image-registry.maas (image-
Connecting to image-registry.maas (image-
OpenSSL: error:14094412:SSL routines:
Unable to establish SSL connection.
That issue also happens if I manually define certificates on docker-registry options.
Changed in layer-docker-registry: | |
status: | New → Triaged |
assignee: | nobody → Kevin W Monroe (kwmonroe) |
importance: | Undecided → Medium |
Just to add my experience here.
I set basic auth username and password. Then, inside the host of docker-registry, I am running docker login and by giving the auth credentials the .docker/config.json is produced. Furthermore, I can push and pull images to docker-registry.
On the other hand, if I try to do the same from kubernetes workers, meaning create a secret dockerconfig and use this secret inside a pod spec with an image from that registry, I am receiving bad certificate. I also receive bad certificates if I do the same actions as Pedro.