Adding a CA Cert for docker pull?
547 views
Skip to first unread message
Jason
May 19, 2014, 11:14:15 AM5/19/14
to coreo...@googlegroups.com
Hello,
I'm in the unfortunate situation where I need to configure a web proxy for access to the internet AND add that proxy's CA Cert in order to pull docker images. The proxy bit is quite easy and even documented, but what about the CA Cert? With the standard cloud-config there is a function for this, but it doesn't seem to exist in the coreos version. Is there an easy way to do this?
Many thanks
I'm in the unfortunate situation where I need to configure a web proxy for access to the internet AND add that proxy's CA Cert in order to pull docker images. The proxy bit is quite easy and even documented, but what about the CA Cert? With the standard cloud-config there is a function for this, but it doesn't seem to exist in the coreos version. Is there an easy way to do this?
Many thanks
Brandon Philips
May 19, 2014, 11:20:28 AM5/19/14
to coreos-dev
done this myself but you should be able to write the certificate into
/etc/ssl/certs and then run `systemctl restart
update-ca-certificates.service`.
If that works out let me know and we will write-up a doc.
Thanks!
Brandon
Michael Marineau
May 19, 2014, 12:07:31 PM5/19/14
to coreos-dev
Or run "sudo update-ca-certificates", no particular need to go through the systemd service.
Jason
May 20, 2014, 9:59:02 AM5/20/14
to coreo...@googlegroups.com
Thanks guys, I was looking for the 'ca-certs' cloud-init directive, but you were both right. It was no problem to do without. So, based on your suggestions this is what I do:
Thanks!
write_files:
- path: /etc/ssl/certs/my.pem
permissions: 0644
content: |
-----BEGIN CERTIFICATE-----
CERT_HERE
-----END CERTIFICATE-----
runcmd:
- [ sudo, update-ca-certificates ]
- path: /etc/ssl/certs/my.pem
permissions: 0644
content: |
-----BEGIN CERTIFICATE-----
CERT_HERE
-----END CERTIFICATE-----
runcmd:
- [ sudo, update-ca-certificates ]
Thanks!
Reply all
Reply to author
Forward
0 new messages