Last active
March 15, 2021 04:28
-
-
Save arastu/1ffa210ffd8e16718f1a8a43e58582d7 to your computer and use it in GitHub Desktop.
Configuring Harbor with HTTPS Access via letsencrypt(certbot with --standalone flag)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sudo certbot certonly --standalone -d registry.example.com |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #The IP address or hostname to access admin UI and registry service. | |
| #DO NOT use localhost or 127.0.0.1, because Harbor needs to be accessed by external clients. | |
| hostname = registry.example.com | |
| #The protocol for accessing the UI and token/notification service, by default it is http. | |
| #It can be set to https if ssl is enabled on nginx. | |
| ui_url_protocol = https | |
| #The path of cert and key files for nginx, they are applied only the protocol is set to https | |
| ssl_cert = /etc/letsencrypt/live/registry.example.com/fullchain.pem | |
| ssl_cert_key = /etc/letsencrypt/live/registry.example.com/privkey.pem |
You can also make use of the DNS-Challenge instead of the default challenge:
sudo certbot -d registry.example.com --manual --preferred-challenges dns certonly
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
wont work while harbor is running unless you change the port