Upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor.git synced 2024-10-02 23:37:38 +02:00
Code Issues Projects Releases Wiki Activity

update file

Browse Source
This commit is contained in:
wemeya 2016-04-22 13:45:38 +08:00
parent 54aca69b19
commit 436acd0642
1 changed files with 14 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
docs/customize token service.md
View File

@ -11,10 +11,14 @@ By default, Harbor uses default private key and certificate in authentication. A
**1)Generate a private key:**
```sh
openssl genrsa -out private_key.pem 4096
$ openssl genrsa -out private_key.pem 4096
```
**2)Generate a certificate:** You are about to be asked to enter information that will be incorporated into your certificate request.
**2)Generate a certificate:**
```sh
$ openssl req -new -x509 -key private_key.pem -out root.crt -days 3650
```
You are about to be asked to enter information that will be incorporated into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
@ -34,25 +38,21 @@ Common Name (eg, server FQDN or YOUR name) []:
Email Address []:
```sh
openssl req -new -x509 -key private_key.pem -out root.crt -days 3650
```
After you execute these two commands, you will see private_key.pem and root.crt in the **current directory**, just type "ls", you'll see them.
3.Refer to [Installation Guide](https://github.com/vmware/harbor/blob/master/docs/installation_guide.md) to install Harbor, After you execute ./prepare, Harbor generates several config files. We need to replace the original private key and certificate with your own key and certificate.
4.Following are what you should do:
**1)cd config/ui, you will see private_key.pem.**
**2)replace private_key.pem with your private_key.pem**
**3)cd ../registry, you will see root.crt. Replace it with your root.crt**
4.Replace the default key and certificate. Assume that you key and certificate are in the directory /root/cert, following are what you should do:
```
$ cd config/ui
$ cp /root/cert/private_key.pem private_key.pem
$ cp /root/cert/root.crt ../registry/root.crt
```
5.After these, go back to the Deploy directory, you can start Harbor using following command:
```
docker-compose up -d
$ docker-compose up -d
```
6.Then you can push/pull images to see if your own certificate works. Please refer [User Guide](https://github.com/vmware/harbor/blob/master/docs/user_guide.md) for more info.