Harbor 啟用 443 Port(使用憑證)

在上一篇 使用 Harbor 建立 Docker 私有儲存庫(Docker Registry) 只有啟用 80 Port(連接埠),如果想要啟用 443 Port 需要有憑證,這裡示範使用 openssl 產生自簽憑證,啟用 443 Port。

使用 pwd 指令查看當前路徑,等一下產完公私鑰後需要填入完整路徑用:
    
pwd
/opt/harbor
    

使用 openssl 指令產生公私鑰:
    
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes
    

範例輸出:
    
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 36500 -nodes
........+....+.....+.......+...+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:TW
State or Province Name (full name) [Some-State]:Taipei
Locality Name (eg, city) []:Taipei City
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Ruyut
Organizational Unit Name (eg, section) []:IT
Common Name (e.g. server FQDN or YOUR name) []:Ruyut
Email Address []:a@ruyut.com
    

查看檔案:
    
ls
cert.pem  key.pem
    

編輯設定檔:
    
vi /opt/harbor/harbor.yml
    

    
hostname: 192.168.0.40

http:
  port: 80

https:
  port: 443
  certificate: /opt/harbor/certificate/cert.pem
  private_key: /opt/harbor/certificate/key.pem
    

執行 install.sh 套用設定
    
sudo ./install.sh
    

執行完畢後開啟網頁就會自動導向 443 port 了

延伸閱讀: Linux 產生自簽憑證

留言