我在內網一台服務器上搭建了私有CA中心來做自授權ssl證書,將生成的根證書導入瀏覽器後訪問https沒有再出現警告,但我在另外一台CentOS上使用curl https://username:password@my.domain.com:8000/也正常,但docker login https://my.domaian.com:8000/時報錯:
certificate signed by unknown authority (possibly because of "crypto/rsa:
verification error" while trying to verify candidate authority certificate "my.domain.com")
問題是,在centos上怎樣做才能夠信任這個自簽署的根證書CA呢
docker有自己的证书存放目录,路径是/etc/docker/certs.d/。格式詳見官方文件:https://github.com/docker/docker/blob/master/docs/sources/articles/certificates.md另外,作業系統增加根證書的各種姿勢:
http://kb.kerio.com/product/kerio-connect/server-configuration/ssl-certificates/adding-trusted-root-certificates-to-the-server-1605.html