dregsy icon indicating copy to clipboard operation
dregsy copied to clipboard

Published 20 hours ago verified publisher icon xelalexv

forcing HTTP scheme for insecure registry

Open QwentB opened this issue 2 years ago • 1 comments

Even when configuration contains skip-tls-verify: true if the registry has a prefix different than localhost the Registry.Scheme is always https, and the catalog retrieval fails.

QwentB avatar Jul 01 '22 13:07 QwentB

I think there are two 'levels' of insecure here. The meaning of skip-tls-verify: true is quite literally to skip TLS verification of the server, but not to drop to HTTP. It's still doing HTTPS. The other 'level' would be plain HTTP. If we want to support that, we need to distinguish it from Skip-TLS-Verify, i.e. we would probably have to introduce a new config option such as insecure: true for this. Also, naming of the flag for Skip-TLS-Verify as insecure in existing code is bit misleading and needs to be changed for clarity.

xelalexv avatar Jul 20 '22 12:07 xelalexv