docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add docs on how to configure certs

This commit is contained in:
Joao Fernandes 2016-10-03 17:07:09 -07:00
parent f206a3b9d0
commit 65ec94fd1a
2 changed files with 51 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
configure/use-your-certificates.md Normal file
View File

@ -0,0 +1,51 @@
+++
title = "Use your own certificates"
description = "Learn how to configure Docker Trusted Registry to use your own certificates"
keywords = ["Universal Control Plane, UCP, certificate, authentiation, tls"]
[menu.main]
parent="workw_dtr_configure"
identifier="dtr-configure-certs"
weight=0
+++
# Use your own certificates
By default the DTR services are exposed using HTTPS, to ensure all
communications between clients and DTR is encrypted. Since DTR
replicas use self-signed certificates for this, when a client accesses
DTR, their browsers won't trust this certificate, so the browser displays a
warning message.
You can configure DTR to use your own certificates, so that it is automatically
trusted by your users' browser and client tools.
## Replace the server certificates
To configure DTR to use your own certificates and keys, go to the
**DTR web UI**, navigate to the **Settings** page, and scroll down to the
**Domain** section.
![](../images/use-your-certificates-1.png)
Set the DTR domain name and upload the certificates and key:
* Load balancer/public address, is the domain name clients will use to access DTR.
* TLS certificate, is the server certificate and any intermediate CA public
certificates. This certificate needs to be valid for the DTR public address,
and have SANs for all addresses used to reach the DTR replicas, including load
balancers.
* TLS private key is the server private key.
* TLS CA is the root CA public certificate.
Finally, click **Save** for the changes to take effect.
If you're using certificates issued by a globally trusted certificate authority,
any web browser or client tool should now trust DTR. If you're using an internal
certificate authority, you'll need to [configure your system to trust that
certificate authority](../repos-and-images/index.md).
## Where to go next
* [Configure your Docker Engine](../repos-and-images/index.md)
* [Pull an image](../repos-and-images/pull-an-image.md)

BIN
images/use-your-certificates-1.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 288 KiB