Latest LQ Deal: Latest LQ Deals
Go Back > Forums > Linux Forums > Linux - Software
User Name
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.


  Search this Thread
Old 08-20-2016, 04:51 AM   #1
Registered: Sep 2005
Posts: 861

Rep: Reputation: 30
docker pull to use the highest TLS protocol

Does a docker host that does a docker pull from a private repository uses the highest TLS protocol version that the server offers? Or does this need to be reconfigured? Anyone knows how I can confirm? Thanks in advance
Old 08-22-2016, 05:39 PM   #2
Senior Member
Registered: Jan 2009
Location: RHELtopia....
Distribution: Solaris 11.2/Slackware/RHEL/
Posts: 1,491
Blog Entries: 2

Rep: Reputation: Disabled
Docker hosts that pull from a private registry do so over https. The registry (web) server has to support both tls and ca-cert validation (though no specific version appears to be required) or it is classified as an "insecure registry". If the registry is identified as insecure in the config, no problem, otherwise you will be required to use the --insecure-registry switch with the pull
Configuration options relating to TLS

certificate: /path/to/x509/public
key: /path/to/x509/private
- /path/to/ca.pem
- /path/to/another/ca.pem
cachefile: /path/to/cache-file

Last edited by dijetlo; 08-22-2016 at 05:41 PM.
1 members found this post helpful.
Old 08-24-2016, 05:26 PM   #3
Registered: Sep 2005
Posts: 861

Original Poster
Rep: Reputation: 30
Thanks for the inputs. Yes. There is ca-cert validation but from the link below, it doesn't really say how you can force to use a specific protocol version. I confirmed that they are able to negotiate via 1.2 from openssl s_client but I guess what I am looking for is to force the docker pull to use TLS1.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Docker Engine 1.6 Debuts Alongside Docker Registry 2.0 and Compose 1.2.0 LXer Syndicated Linux News 0 04-17-2015 10:02 PM
LXer: Before you initiate a docker pull LXer Syndicated Linux News 0 12-30-2014 07:11 AM
VPN connection using TLS protocol with openVPN netpumber Linux - Networking 1 07-01-2013 06:47 AM
[SOLVED] ssl 3.0 / tls 1.0 open source protocol stack download link fahad.anwar Linux - Newbie 2 05-22-2012 03:08 AM
Fastest protocol, SSH, SSHFS, VPN, TLS/SSL Akonbobot Linux - Security 4 05-12-2007 09:20 PM > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 08:09 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration