1containers-certs.d(5)() containers-certs.d(5)()
2
6 containers-certs.d - Directory for storing custom container-registry
7 TLS configurations
8
12 A custom TLS configuration for a container registry can be configured
13 by creating a directory under $HOME/.config/containers/certs.d or
14 /etc/containers/certs.d. The name of the directory must correspond to
15 the host:port of the registry (e.g., my-registry.com:5000).
16
19 A certs directory can contain one or more files with the following
20 extensions:
21 · *.crt files with this extensions will be interpreted as CA
24 certificates
25 · *.cert files with this extensions will be interpreted as
27 client certificates
28 · *.key files with this extensions will be interpreted as
30 client keys
31 Note that the client certificate-key pair will be selected by the file
35 name (e.g., client.{cert,key}). An examplary setup for a registry run‐
36 ning at my-registry.com:5000 may look as follows:
37 /etc/containers/certs.d/ <- Certificate directory
40 └── my-registry.com:5000 <- Hostname:port
41 ├── client.cert <- Client certificate
42 ├── client.key <- Client key
43 └── ca.crt <- Certificate authority that signed the registry certificate
44
49 Feb 2019, Originally compiled by Valentin Rothberg rothberg@redhat.com
50 ⟨mailto:rothberg@redhat.com⟩
51 containers-certs.d(5)()