[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Securing the registry



Another problem seems to be with the s3 backed registry...

level=error msg="response completed with error" err.code=UNKNOWN err.detail="s3: Put https://s3-ap-southeast-2.amazonaws.com/os3master-prod-os-aws-XXX-com-au-docker/regis
try/docker/registry/v2/repositories/bnz-uat/auth/_uploads/b8908e4c-034e-455f-8809-ed77da37c719/startedat: x509: certificate is valid for *.os.aws.XXX.com.au, *.prod.os.aws.XXX.com.au, os3master.prod.os.a
ws.XXX.com.au, not s3-ap-southeast-2.amazonaws.com" err.message="unknown error" go.version=go1.6


I've read  to contact aws support, but suspect that was intended for normal registries rather than exposed secured ones.

Cheers

On 11 July 2016 at 17:19, Lewis Shobbrook <l shobbrook+origin base2services com> wrote:
Responding to my own post, it was a broken resolv.conf via dhcp-option-set

The question regarding the AWS elb still stands :-)

Cheers

On 11 July 2016 at 16:27, Lewis Shobbrook <l shobbrook+origin base2services com> wrote:
Hi Guys,

All appears successful, but attempts to pull from remote registry such as github now fail with the following error...

 builder.go:204] Error: build error: fatal: unable to access 'https://github.com/openshift/ruby-ex.git/': Unable to communicate securely with peer: requested domain name does not match the server's certificate.


Also are there any suggestions or guides  for how to expose the registry behind an AWS elb?

Seems to time out when signing tls.





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]