reg
reg copied to clipboard
Support to pass Client CERT/Key and CA CERT
Please feel free to correct me where I might be wrong in this feature request. I am naive to how certificates work. Seems to be close but not exact to #26
Would like to see support to pass along CA Cert as well as Client Cert/Key. I am able to run a basic curl with the three files specified but getting TLS handshake failure with reg usage. Possibly need to create a PR if want it done but want to make sure I am not misusing before hand. Thanks!
$ ls -l
total 32
-rw------- 1 joseestrada staff 2026 May 2 09:26 ca.crt
-rw------- 1 joseestrada staff 4449 May 2 09:26 client.cert
-rw------- 1 joseestrada staff 3446 May 2 09:26 client.key
$ curl -I "https://<registry>/v2/org/tags/list" -X GET --cacert ca.crt --cert client.cert --key client.key
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Docker-Distribution-Api-Version: registry/2.0
X-Content-Type-Options: nosniff
Date: Wed, 12 Jun 2019 19:20:50 GMT
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=7884000; preload
$ reg ls <registry>/org
INFO[0000] domain: <registry>/org
INFO[0000] server address: <registry>/orgs
Get https://<registry>/org/v2/: remote error: tls: handshake failure
Issue-Label Bot is automatically applying the label feature_request
to this issue, with a confidence of 0.83. Please mark this comment with :thumbsup: or :thumbsdown: to give our bot feedback!
Links: app homepage, dashboard and code for this bot.
I agree with this suggestion -- we cannot use reg because our registry requires client side PKI certificate.
If I get a chance I may try to put together a PR, but want to be sure someone will consider including it before I do.