Hidden veriify client cert verfiy option

Remove to avoid replication access core from external_url issue

Signed-off-by: DQ <dengq@vmware.com>
This commit is contained in:
DQ 2020-04-21 21:14:32 +08:00
parent 4a292bf1ab
commit 599ca98c09
4 changed files with 1 additions and 6 deletions

View File

@ -21,8 +21,6 @@ https:
# internal_tls:
# # set enabled to true means internal tls is enabled
# enabled: true
# # verify_client_cert used to decide whether verify client certificate
# verify_client_cert: false
# # put your cert and key files on dir
# dir: /etc/harbor/tls/internal

View File

@ -37,8 +37,6 @@ https:
# internal_tls:
# # set enabled to true means internal tls is enabled
# enabled: true
# # verify_client_cert used to decide whether verify client certificate
# verify_client_cert: false
# # put your cert and key files on dir
# dir: /etc/harbor/tls/internal

View File

@ -342,7 +342,7 @@ def parse_yaml_config(config_file_path, with_notary, with_clair, with_trivy, wit
if internal_tls_config and internal_tls_config.get('enabled'):
config_dict['internal_tls'] = InternalTLS(
internal_tls_config['enabled'],
internal_tls_config['verify_client_cert'],
False,
internal_tls_config['dir'],
configs['data_volume'],
with_notary=with_notary,

View File

@ -7,7 +7,6 @@ sudo sed "s/reg.mydomain.com/$IP/" make/harbor.yml.tmpl |sudo tee make/harbor.ym
# enable internal tls
echo "internal_tls:" >> make/harbor.yml
echo " enabled: true" >> make/harbor.yml
echo " verify_client_cert: true" >> make/harbor.yml
echo " dir: /etc/harbor/tls/internal" >> make/harbor.yml
# TODO: remove it when scanner adapter support internal access of harbor