stackoom
  简体   繁体   中英

gitlab docker login failed : certificate signed by unknown authority

 原文  2019-02-28 21:07:25       docker/ ssl/ nginx/ gitlab/ registry

Question

When I tried to login to my registry I received "x509 certificate signed by unknown authority"

I have a dockerized gitlab behind a reverse proxy with ssl (cert are on my host) 

services:
  gitlab:
    image: 'gitlab/gitlab-ce:latest'
    restart: always
    hostname: 'gitlab.example.com'
    environment:
      GITLAB_OMNIBUS_CONFIG: |
        external_url 'https://gitlab.mydomain.com'
        registry_external_url 'https://gitlab.mydomain.com:5555'
        registry_nginx['enable'] = true
        registry_nginx['listen_port'] = 5555
        registry_nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.mydomain.com.pem"
        registry_nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.mydomain.com.key"
        gitlab_rails['gitlab_shell_ssh_port'] = 2222
        nginx['listen_port'] = 80
        nginx['listen_https'] = false
    ports:
      - '8088:80'
      - '2222:22'
      - '5555:5555'
    volumes:
      - './config:/etc/gitlab'
      - './logs:/var/log/gitlab'
      - './data:/var/opt/gitlab'

Did you already faced this kind of problem ?

1 answers

solution1
 0  2019-03-01 05:57:35

I found the answer, so if anyone have the same issue it could be helpful.

So, copy and paste letsencrypt cert into a directory (here ./ssl) and use it as volume into your docker-compose.yml. Restart your container and It will be fine.

(be sure to do it each time you regenerate your cert with a cron) 

services:
  gitlab:
    image: 'gitlab/gitlab-ce:latest'
    restart: always
    hostname: 'gitlab.example.com'
    environment:
      GITLAB_OMNIBUS_CONFIG: |
        external_url 'https://gitlab.mydomain.com'
        registry_external_url 'https://gitlab.mydomain.com:5555'
        registry_nginx['enable'] = true
        registry_nginx['listen_port'] = 5555
        registry_nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.mydomain.com.pem"
        registry_nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.mydomain.com.key"
        gitlab_rails['gitlab_shell_ssh_port'] = 2222
        nginx['listen_port'] = 80
        nginx['listen_https'] = false
    ports:
      - '8088:80'
      - '2222:22'
      - '5555:5555'
    volumes:
      - './config:/etc/gitlab'
      - './logs:/var/log/gitlab'
      - './data:/var/opt/gitlab'
      - './ssl:/etc/gitlab/ssl/'

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Docker certificate signed by unknown authority Docker registry login fails with “Certificate signed by unknown authority” Docker login x509: certificate signed by unknown authority docker build returns: certificate signed by unknown authority "docker pull" certificate signed by unknown authority docker login fails -> x509: certificate signed by unknown authority .. “crypto/rsa: verification error” docker login self hosted registry = x509: certificate signed by unknown authority Login to private registry from inside cloud-builders/docker step fails - certificate signed by unknown authority Docker on Windows (Boot2Docker) - certificate signed by unknown authority error docker error: x509: certificate signed by unknown authority
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM