Configuring Harbor with HTTPS Access

Because Harbor does not ship with any certificates, it uses HTTP by default to serve registry requests. However, it is highly recommended that security be enabled for any production environment. Harbor has an Nginx instance as a reverse proxy for all services, you can use the prepare script to configure Nginx to enable https.

In a test or development environment, you may choose to use a self-signed certificate instead of the one from a trusted third-party CA. The followings will show you how to create your own CA, and use your CA to sign a server certificate and a client certificate.

Getting Certificate Authority

  openssl genrsa -out ca.key 4096

 

  

   

    

     

    
    

     

        openssl req -x509 -new -nodes -sha512 -days 3650 \
     
    
   

    

     

    
    

     

          -subj "/C=TW/ST=Taipei/L=Taipei/O=example/OU=Personal/CN=yourdomain.com" \
     
    
   

    

     

    
    

     

          -key ca.key \
     
    
   

    

     

    
    

     

          -out ca.crt
     
    
  
 

Getting Server Certificate

Assum

文章来源: blog.csdn.net，作者：隔壁老瓦，版权归原作者所有，如需转载，请联系作者。

原文链接：blog.csdn.net/wxb880114/article/details/85695571