Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support to pass Client CERT/Key and CA CERT #189

Open
jlestrada opened this issue Jun 12, 2019 · 2 comments · May be fixed by #223
Open

Support to pass Client CERT/Key and CA CERT #189

jlestrada opened this issue Jun 12, 2019 · 2 comments · May be fixed by #223
Labels
feature_request

Comments

@jlestrada
Copy link

jlestrada commented Jun 12, 2019
edited

Please feel free to correct me where I might be wrong in this feature request. I am naive to how certificates work. Seems to be close but not exact to #26

Would like to see support to pass along CA Cert as well as Client Cert/Key. I am able to run a basic curl with the three files specified but getting TLS handshake failure with reg usage. Possibly need to create a PR if want it done but want to make sure I am not misusing before hand. Thanks!

$ ls -l
total 32
-rw-------  1 joseestrada  staff  2026 May  2 09:26 ca.crt
-rw-------  1 joseestrada  staff  4449 May  2 09:26 client.cert
-rw-------  1 joseestrada  staff  3446 May  2 09:26 client.key

$ curl -I "https://<registry>/v2/org/tags/list" -X GET --cacert ca.crt --cert client.cert --key client.key
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Docker-Distribution-Api-Version: registry/2.0
X-Content-Type-Options: nosniff
Date: Wed, 12 Jun 2019 19:20:50 GMT
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=7884000; preload

$ reg ls <registry>/org
INFO[0000] domain: <registry>/org
INFO[0000] server address: <registry>/orgs
Get https://<registry>/org/v2/: remote error: tls: handshake failure
@issue-label-bot
Copy link

Issue-Label Bot is automatically applying the label feature_request to this issue, with a confidence of 0.83. Please mark this comment with 👍 or 👎 to give our bot feedback!

Links: app homepage, dashboard and code for this bot.

@kmeekva
Copy link

kmeekva commented Apr 12, 2022

I agree with this suggestion -- we cannot use reg because our registry requires client side PKI certificate.

If I get a chance I may try to put together a PR, but want to be sure someone will consider including it before I do.

@ricardobranco777 ricardobranco777 linked a pull request Nov 9, 2022 that will close this issue
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature_request
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add support for client certificates ricardobranco777/reg
2 participants
@jlestrada @kmeekva