Add note about required let's encrypt port
Let's Encrypt uses tls-sni to validate the certificate on the standard https port 443. If the registry is outwardly listening on a different port Let's Encrypt will not issue a certificate. Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
This commit is contained in:
parent
4107cdb633
commit
279c02a3ce
1 changed files with 5 additions and 0 deletions
|
@ -1066,6 +1066,11 @@ and proxy connections to the registry server.
|
||||||
The `letsencrypt` struct within `tls` is **optional**. Use this to configure TLS
|
The `letsencrypt` struct within `tls` is **optional**. Use this to configure TLS
|
||||||
certificates provided by [Let's Encrypt](https://letsencrypt.org/how-it-works/).
|
certificates provided by [Let's Encrypt](https://letsencrypt.org/how-it-works/).
|
||||||
|
|
||||||
|
>**NOTE**: When using Let's Encrypt ensure that the outward facing address is
|
||||||
|
> accessible on port `443`. The registry defaults to listening on `5000`, if
|
||||||
|
> run as a container consider adding the flag `-p 443:5000` to the `docker run`
|
||||||
|
> command or similar setting in cloud configuration.
|
||||||
|
|
||||||
<table>
|
<table>
|
||||||
<tr>
|
<tr>
|
||||||
<th>Parameter</th>
|
<th>Parameter</th>
|
||||||
|
|
Loading…
Reference in a new issue