LinuxQuestions.org


depam 08-20-2016 03:51 AM

docker pull to use the highest TLS protocol
 
Does a docker host that does a docker pull from a private repository use the highest TLS protocol version that the server offers? Or does this need to be reconfigured? Does anyone know how I can confirm? Thanks in advance.

dijetlo 08-22-2016 04:39 PM

Docker hosts that pull from a private registry do so over HTTPS. The registry (web) server has to support both TLS and ca-cert validation (though no specific version appears to be required) or it is classified as an "insecure registry". If the registry is identified as insecure in the config, no problem; otherwise you will be required to use the --insecure-registry switch with the pull.

Configuration options relating to TLS:

    tls:
      certificate: /path/to/x509/public
      key: /path/to/x509/private
      clientcas:
        - /path/to/ca.pem
        - /path/to/another/ca.pem
      letsencrypt:
        cachefile: /path/to/cache-file
        email: emailused@letsencrypt.com

depam 08-24-2016 04:26 PM

Thanks for the inputs. Yes. There is ca-cert validation but from the link below, it doesn't really say how you can force it to use a specific protocol version. I confirmed that they are able to negotiate via 1.2 from openssl s_client but I guess what I am looking for is to force the docker pull to use TLS1.
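
Added example, not part of the thread or of Docker's code: Docker is written in Go, and Go's standard crypto/tls client picks the highest version both sides support unless MinVersion raises the floor. The sketch below shows that behaviour against a throwaway local server; the helper name `negotiate` and its parameters are hypothetical, and it assumes the pulling client behaves like a plain crypto/tls client.

```go
package main

import (
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"net/http"
	"net/http/httptest"
)

// negotiate (hypothetical helper) starts a throwaway local HTTPS server that
// accepts TLS 1.0 up to serverMax, then connects with a client that refuses
// anything below clientMin (0 = Go's default). It returns the negotiated version.
func negotiate(serverMax, clientMin uint16) (uint16, error) {
	srv := httptest.NewUnstartedServer(http.NotFoundHandler())
	srv.TLS = &tls.Config{MinVersion: tls.VersionTLS10, MaxVersion: serverMax}
	srv.StartTLS()
	defer srv.Close()

	// Trust only the test server's certificate, as a private-registry CA would be.
	pool := x509.NewCertPool()
	pool.AddCert(srv.Certificate())

	conn, err := tls.Dial("tcp", srv.Listener.Addr().String(),
		&tls.Config{RootCAs: pool, MinVersion: clientMin})
	if err != nil {
		return 0, err // no mutually acceptable version (or bad certificate)
	}
	defer conn.Close()
	return conn.ConnectionState().Version, nil
}

func main() {
	// Constructed cases: 0x0303 is TLS 1.2, 0x0304 is TLS 1.3.
	for _, c := range []struct{ serverMax, clientMin uint16 }{
		{tls.VersionTLS13, 0},                // default client, modern server
		{tls.VersionTLS12, 0},                // default client, server capped at 1.2
		{tls.VersionTLS11, tls.VersionTLS12}, // client floor above server ceiling
	} {
		v, err := negotiate(c.serverMax, c.clientMin)
		fmt.Printf("serverMax=%#04x clientMin=%#04x -> version=%#04x err=%v\n",
			c.serverMax, c.clientMin, v, err)
	}
}
```

The third case fails the handshake instead of downgrading, which is the effect of enforcing a minimum version on the client side.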

