1containers-certs.d(5)               storing              containers-certs.d(5)
2
3
4

NAME

6       containers-certs.d  -  Directory  for storing custom container-registry
7       TLS configurations
8
9
10

DESCRIPTION

12       A custom TLS configuration for a container registry can  be  configured
13       by  creating  a  directory  under  $HOME/.config/containers/certs.d  or
14       /etc/containers/certs.d.  The name of the directory must correspond  to
15       the host:port of the registry (e.g., my-registry.com:5000).
16
17

Directory Structure

19       A  certs directory can contain one or more files with the following ex‐
20       tensions:
21
22
23*.crt  files with this extensions will be  interpreted  as  CA
24                certificates
25
26*.cert  files  with  this  extensions  will  be interpreted as
27                client certificates
28
29*.key  files with  this  extensions  will  be  interpreted  as
30                client keys
31
32
33
34       Note  that the client certificate-key pair will be selected by the file
35       name (e.g., client.{cert,key}).  An exemplary setup for a registry run‐
36       ning at my-registry.com:5000 may look as follows:
37
38
39              /etc/containers/certs.d/    <- Certificate directory
40              └── my-registry.com:5000    <- Hostname:port
41                 ├── client.cert          <- Client certificate
42                 ├── client.key           <- Client key
43                 └── ca.crt               <- Certificate authority that signed the registry certificate
44
45
46
47

HISTORY

49       Feb  2019, Originally compiled by Valentin Rothberg rothberg@redhat.com
50       ⟨mailto:rothberg@redhat.com⟩
51
52
53
54for                                Directory             containers-certs.d(5)
Impressum