LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 08-20-2016, 03:51 AM   #1
depam
Member
 
Registered: Sep 2005
Posts: 856

Rep: Reputation: 30
docker pull to use the highest TLS protocol


Does a docker host that does a docker pull from a private repository uses the highest TLS protocol version that the server offers? Or does this need to be reconfigured? Anyone knows how I can confirm? Thanks in advance
 
Old 08-22-2016, 04:39 PM   #2
dijetlo
Senior Member
 
Registered: Jan 2009
Location: RHELtopia....
Distribution: Solaris 11.2/Slackware/RHEL/
Posts: 1,491
Blog Entries: 2

Rep: Reputation: Disabled
Docker hosts that pull from a private registry do so over https. The registry (web) server has to support both tls and ca-cert validation (though no specific version appears to be required) or it is classified as an "insecure registry". If the registry is identified as insecure in the config, no problem, otherwise you will be required to use the --insecure-registry switch with the pull
Configuration options relating to TLS

tls:
certificate: /path/to/x509/public
key: /path/to/x509/private
clientcas:
- /path/to/ca.pem
- /path/to/another/ca.pem
letsencrypt:
cachefile: /path/to/cache-file
email: emailused@letsencrypt.com

Last edited by dijetlo; 08-22-2016 at 04:41 PM.
 
1 members found this post helpful.
Old 08-24-2016, 04:26 PM   #3
depam
Member
 
Registered: Sep 2005
Posts: 856

Original Poster
Rep: Reputation: 30
Thanks for the inputs. Yes. There is ca-cert validation but from the link below, it doesn't really say how you can force to use a specific protocol version. I confirmed that they are able to negotiate via 1.2 from openssl s_client but I guess what I am looking for is to force the docker pull to use TLS1.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Docker Engine 1.6 Debuts Alongside Docker Registry 2.0 and Compose 1.2.0 LXer Syndicated Linux News 0 04-17-2015 09:02 PM
LXer: Before you initiate a docker pull LXer Syndicated Linux News 0 12-30-2014 06:11 AM
VPN connection using TLS protocol with openVPN netpumber Linux - Networking 1 07-01-2013 05:47 AM
[SOLVED] ssl 3.0 / tls 1.0 open source protocol stack download link fahad.anwar Linux - Newbie 2 05-22-2012 02:08 AM
Fastest protocol, SSH, SSHFS, VPN, TLS/SSL Akonbobot Linux - Security 4 05-12-2007 08:20 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 12:13 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration