mirror of
https://github.com/goharbor/harbor.git
synced 2024-12-22 16:48:30 +01:00
Fix common name issue.
The web server's cn name should be different with the CA's common name other wise we cannot vew the harbor UI if we use this scripte to create certificate.
This commit is contained in:
parent
6e0f274c07
commit
4a583b0229
@ -17,12 +17,12 @@ fi
|
||||
# Create CA certificate
|
||||
openssl req \
|
||||
-newkey rsa:4096 -nodes -sha256 -keyout harbor_ca.key \
|
||||
-x509 -days 365 -out harbor_ca.crt -subj '/C=CN/ST=PEK/L=Bei Jing/O=VMware/CN=Harbor CA'
|
||||
-x509 -days 365 -out harbor_ca.crt -subj '/C=CN/ST=PEK/L=Bei Jing/O=VMware/CN=HarborCA'
|
||||
|
||||
# Generate a Certificate Signing Request
|
||||
openssl req \
|
||||
-newkey rsa:4096 -nodes -sha256 -keyout $IP.key \
|
||||
-out $IP.csr -subj '/C=CN/ST=PEK/L=Bei Jing/O=VMware/CN=Harbor CA'
|
||||
-out $IP.csr -subj '/C=CN/ST=PEK/L=Bei Jing/O=VMware/CN=HarborManager'
|
||||
|
||||
# Generate the certificate of local registry host
|
||||
echo subjectAltName = IP:$IP > extfile.cnf
|
||||
@ -32,4 +32,4 @@ openssl x509 -req -days 365 -in $IP.csr -CA harbor_ca.crt \
|
||||
# Copy to harbor default location
|
||||
mkdir -p /data/cert
|
||||
cp $IP.crt /data/cert/server.crt
|
||||
cp $IP.key /data/cert/server.key
|
||||
cp $IP.key /data/cert/server.key
|
||||
|
Loading…
Reference in New Issue
Block a user