{"id":371,"date":"2025-12-01T10:08:05","date_gmt":"2025-12-01T02:08:05","guid":{"rendered":"https:\/\/www.52runoob.com\/?p=371"},"modified":"2025-12-01T10:08:05","modified_gmt":"2025-12-01T02:08:05","slug":"docker%e5%9f%ba%e7%a1%80%ef%bc%9a%e7%a7%81%e5%ba%93%e7%b3%bb%e5%88%97%ef%bc%9a%e5%86%8d%e6%8e%a2harbor%ef%bc%9a4-https%e6%96%b9%e5%bc%8f%e7%9a%84%e7%a7%81%e5%ba%93%e7%ae%a1%e7%90%86","status":"publish","type":"post","link":"https:\/\/www.52runoob.com\/index.php\/2025\/12\/01\/docker%e5%9f%ba%e7%a1%80%ef%bc%9a%e7%a7%81%e5%ba%93%e7%b3%bb%e5%88%97%ef%bc%9a%e5%86%8d%e6%8e%a2harbor%ef%bc%9a4-https%e6%96%b9%e5%bc%8f%e7%9a%84%e7%a7%81%e5%ba%93%e7%ae%a1%e7%90%86\/","title":{"rendered":"docker\u57fa\u7840\uff1a\u79c1\u5e93\u7cfb\u5217\uff1a\u518d\u63a2Harbor\uff1a(4) https\u65b9\u5f0f\u7684\u79c1\u5e93\u7ba1\u7406"},"content":{"rendered":"\n<p>\u4e0b\u9762\u7ed9\u4f60\u4e00\u4efd <strong>\u6e05\u6670\u3001\u7cfb\u7edf\u3001\u53ef\u76f4\u63a5\u7528\u4e8e\u5b9e\u6218\u7684\u300aDocker \u57fa\u7840\uff1a\u79c1\u5e93\u7cfb\u5217\uff1a\u518d\u63a2 Harbor\uff084\uff09\u2014 HTTPS \u65b9\u5f0f\u7684\u79c1\u5e93\u7ba1\u7406\u300b\u603b\u7ed3\u4e0e\u6559\u7a0b\u300b<\/strong>\u3002<br>\u4e00\u6b65\u6b65\u4ece <strong>HTTP \u2192 HTTPS \u2192 \u8bc1\u4e66 \u2192 \u5ba2\u6237\u7aef\u914d\u7f6e \u2192 \u63a8\u62c9\u955c\u50cf<\/strong> \u5168\u6d41\u7a0b\u8bf4\u660e\u3002<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h1 class=\"wp-block-heading\">\ud83c\udf10 <strong>Docker \u79c1\u6709\u4ed3\u5e93 Harbor\uff1aHTTPS \u7ba1\u7406\u5b8c\u6574\u6307\u5357<\/strong><\/h1>\n\n\n\n<p>Harbor \u5728\u751f\u4ea7\u73af\u5883\u4e2d <strong>\u5fc5\u987b\u4f7f\u7528 HTTPS<\/strong>\uff0c\u5426\u5219\uff1a<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u5bc6\u7801\u4f1a\u660e\u6587\u4f20\u8f93<\/li>\n\n\n\n<li>Docker \u5ba2\u6237\u7aef\u9700\u8981 <code>--insecure-registry<\/code> \u624d\u80fd\u8bbf\u95ee<\/li>\n\n\n\n<li>Notary \/ \u5b89\u5168\u626b\u63cf\u7b49\u9ad8\u7ea7\u529f\u80fd\u4e0d\u80fd\u542f\u7528<\/li>\n<\/ul>\n\n\n\n<p>\u4e0b\u9762\u4ece\u96f6\u642d\u5efa\u4e00\u4e2a <strong>\u4f7f\u7528 HTTPS \u7684 Harbor \u79c1\u6709\u4ed3\u5e93<\/strong>\u3002<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h1 class=\"wp-block-heading\">1\ufe0f\u20e3 \u521b\u5efa\u8bc1\u4e66\uff08\u81ea\u7b7e\u540d\u6216\u6b63\u5f0f CA\uff09<\/h1>\n\n\n\n<h2 class=\"wp-block-heading\">\u2714 <strong>\u65b9\u5f0f A\uff1a\u4f7f\u7528\u81ea\u7b7e\u540d\u8bc1\u4e66\uff08\u6d4b\u8bd5\u73af\u5883\u5e38\u7528\uff09<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">1. \u521b\u5efa CA \u79c1\u94a5<\/h3>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: plain; title: ; notranslate\" title=\"\">\nopenssl genrsa -out ca.key 4096\n\n<\/pre><\/div>\n\n\n<h3 class=\"wp-block-heading\">2. \u751f\u6210 CA \u6839\u8bc1\u4e66<\/h3>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: plain; title: ; notranslate\" title=\"\">\nopenssl req -x509 -new -nodes \\\n  -key ca.key -days 3650 \\\n  -out ca.crt \\\n  -subj &quot;\/CN=myregistry.com&quot;\n\n<\/pre><\/div>\n\n\n<h3 class=\"wp-block-heading\">3. \u4e3a Harbor \u751f\u6210\u8bc1\u4e66<\/h3>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: plain; title: ; notranslate\" title=\"\">\nopenssl genrsa -out harbor.key 4096\n\n<\/pre><\/div>\n\n\n<h3 class=\"wp-block-heading\">4. \u751f\u6210\u8bc1\u4e66\u7b7e\u540d\u8bf7\u6c42\uff08CSR\uff09<\/h3>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: plain; title: ; notranslate\" title=\"\">\nopenssl req -new \\\n  -key harbor.key \\\n  -out harbor.csr \\\n  -subj &quot;\/CN=myregistry.com&quot;\n\n<\/pre><\/div>\n\n\n<h3 class=\"wp-block-heading\">5. \u521b\u5efa\u8bc1\u4e66<\/h3>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: plain; title: ; notranslate\" title=\"\">\nopenssl x509 -req \\\n  -CA ca.crt -CAkey ca.key \\\n  -CAcreateserial \\\n  -in harbor.csr \\\n  -out harbor.crt \\\n  -days 3650\n\n<\/pre><\/div>\n\n\n<p>\u4f60\u5c06\u5f97\u5230\uff1a<\/p>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: plain; title: ; notranslate\" title=\"\">\nca.crt\nharbor.crt\nharbor.key\n\n<\/pre><\/div>\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">\u2714 <strong>\u65b9\u5f0f B\uff1a\u7528 Let&#8217;s Encrypt \u6b63\u5f0f\u8bc1\u4e66\uff08\u751f\u4ea7\u5efa\u8bae\uff09<\/strong><\/h2>\n\n\n\n<p>\u53ea\u9700\u8fd0\u884c\uff1a<\/p>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: plain; title: ; notranslate\" title=\"\">\ncertbot certonly --standalone -d myregistry.com\n\n<\/pre><\/div>\n\n\n<p>\u8bc1\u4e66\u4f4d\u4e8e\uff1a<\/p>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: plain; title: ; notranslate\" title=\"\">\n\/etc\/letsencrypt\/live\/myregistry.com\/\n\n<\/pre><\/div>\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h1 class=\"wp-block-heading\">2\ufe0f\u20e3 Harbor \u914d\u7f6e HTTPS<\/h1>\n\n\n\n<p>\u7f16\u8f91 Harbor \u914d\u7f6e\u6587\u4ef6\uff1a<\/p>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: plain; title: ; notranslate\" title=\"\">\nvim harbor.yml\n\n<\/pre><\/div>\n\n\n<p>\u627e\u5230\uff1a<\/p>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: plain; title: ; notranslate\" title=\"\">\nhostname: myregistry.com\n\nhttps:\n  enabled: true\n  certificate: \/data\/cert\/harbor.crt\n  private_key: \/data\/cert\/harbor.key\n\n<\/pre><\/div>\n\n\n<p>\u7136\u540e\u6267\u884c\uff1a<\/p>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: plain; title: ; notranslate\" title=\"\">\nsudo .\/prepare\nsudo docker-compose down -v\nsudo docker-compose up -d\n\n<\/pre><\/div>\n\n\n<p>Harbor \u5c06\u4ee5 HTTPS \u65b9\u5f0f\u8fd0\u884c\u3002<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h1 class=\"wp-block-heading\">3\ufe0f\u20e3 \u5ba2\u6237\u7aef\uff08Docker\uff09\u4fe1\u4efb Harbor \u7684\u8bc1\u4e66<\/h1>\n\n\n\n<p>\u5bf9\u4e8e <strong>\u81ea\u7b7e\u540d\u8bc1\u4e66<\/strong>\uff0c\u5fc5\u987b\u8ba9 Docker \u4fe1\u4efb CA\uff1a<\/p>\n\n\n\n<p>\u5728\u6bcf\u4e00\u4e2a\u8981\u8fde\u63a5 Harbor \u7684 Docker \u4e3b\u673a\u4e0a\uff1a<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">1. \u521b\u5efa\u76ee\u5f55<\/h3>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: plain; title: ; notranslate\" title=\"\">\nsudo mkdir -p \/etc\/docker\/certs.d\/myregistry.com\/\n\n<\/pre><\/div>\n\n\n<h3 class=\"wp-block-heading\">2. \u62f7\u8d1d CA \u8bc1\u4e66<\/h3>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: plain; title: ; notranslate\" title=\"\">\nsudo cp ca.crt \/etc\/docker\/certs.d\/myregistry.com\/ca.crt\n\n<\/pre><\/div>\n\n\n<h3 class=\"wp-block-heading\">3. \u91cd\u542f Docker<\/h3>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: plain; title: ; notranslate\" title=\"\">\nsudo systemctl restart docker\n\n<\/pre><\/div>\n\n\n<p>\u5982\u679c\u4e0d\u505a\u8fd9\u4e00\u6b65\uff0c\u4f1a\u62a5\u9519\uff1a<\/p>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: plain; title: ; notranslate\" title=\"\">\nx509: certificate signed by unknown authority\n\n<\/pre><\/div>\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h1 class=\"wp-block-heading\">4\ufe0f\u20e3 \u767b\u5f55 Harbor\uff08HTTPS\uff09<\/h1>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: plain; title: ; notranslate\" title=\"\">\ndocker login myregistry.com\n\n<\/pre><\/div>\n\n\n<p>\u8f93\u5165 Harbor \u7ba1\u7406\u5458\uff08\u6216\u9879\u76ee\u7528\u6237\uff09\u8d26\u53f7\u5bc6\u7801\u6210\u529f\u5373\u53ef\u3002<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h1 class=\"wp-block-heading\">5\ufe0f\u20e3 \u63a8\u9001\u955c\u50cf\u81f3 HTTPS Harbor<\/h1>\n\n\n\n<h2 class=\"wp-block-heading\">1. \u7ed9\u955c\u50cf\u6253\u6807\u7b7e<\/h2>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: plain; title: ; notranslate\" title=\"\">\ndocker tag nginx:latest myregistry.com\/library\/nginx:v1\n\n<\/pre><\/div>\n\n\n<h2 class=\"wp-block-heading\">2. \u63a8\u9001\u955c\u50cf<\/h2>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: plain; title: ; notranslate\" title=\"\">\ndocker push myregistry.com\/library\/nginx:v1\n\n<\/pre><\/div>\n\n\n<p>\u8f93\u51fa\u7c7b\u4f3c\uff1a<\/p>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: plain; title: ; notranslate\" title=\"\">\nThe push refers to repository &#x5B;...]\nlatest: digest: sha256:... size: ...\n\n<\/pre><\/div>\n\n\n<p>\u5373\u8868\u793a HTTPS Harbor \u63a8\u9001\u6210\u529f\u3002<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h1 class=\"wp-block-heading\">6\ufe0f\u20e3 \u4ece Harbor \u62c9\u53d6\u955c\u50cf\uff08HTTPS\uff09<\/h1>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: plain; title: ; notranslate\" title=\"\">\ndocker pull myregistry.com\/library\/nginx:v1\n\n<\/pre><\/div>\n\n\n<p>\u6210\u529f\u540e\u5373\u53ef\u4f7f\u7528\u3002<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h1 class=\"wp-block-heading\">7\ufe0f\u20e3 \u5e38\u89c1\u9519\u8bef\u4e0e\u89e3\u51b3\u65b9\u6848<\/h1>\n\n\n\n<h3 class=\"wp-block-heading\">\u274c x509: certificate signed by unknown authority<\/h3>\n\n\n\n<p>\u2714 \u539f\u56e0\uff1aDocker \u4e0d\u4fe1\u4efb\u4f60\u7684 CA<br>\u2714 \u89e3\u51b3\uff1a\u628a <code>ca.crt<\/code> \u653e\u5230 <code>\/etc\/docker\/certs.d\/myregistry.com\/<\/code><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">\u274c Client sent an HTTP request to an HTTPS server<\/h3>\n\n\n\n<p>\u2714 \u539f\u56e0\uff1a\u4f60\u8bbf\u95ee\u65f6\u6ca1\u52a0 https \u6216\u5ba2\u6237\u7aef\u6ca1\u4fe1\u4efb\u8bc1\u4e66<br>\u2714 \u68c0\u67e5\uff1a<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><code>harbor.yml<\/code> \u4e2d https \u662f\u5426\u542f\u7528<\/li>\n\n\n\n<li>Docker \u5ba2\u6237\u7aef\u662f\u5426\u4fe1\u4efb\u8bc1\u4e66<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">\u274c unauthorized: authentication required<\/h3>\n\n\n\n<p>\u2714 \u9700\u8981 <code>docker login<\/code><br>\u2714 \u4e5f\u9700\u786e\u8ba4\u955c\u50cf\u5c5e\u4e8e\u6b63\u786e\u7684 Project\uff08\u5982 <code>library<\/code>\uff09<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">\u274c Harbor \u540e\u53f0 444\/502<\/h3>\n\n\n\n<p>\u901a\u5e38\u662f nginx \u8bc1\u4e66\u8def\u5f84\u6216\u6743\u9650\u9519\u8bef<br>\u9700\u786e\u8ba4 Harbor \u53ef\u8bfb\u53d6\u8bc1\u4e66\u6587\u4ef6\u3002<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h1 class=\"wp-block-heading\">\ud83c\udfaf \u603b\u7ed3\uff08HTTPS Harbor 4 \u6b65\u5b8c\u6210\uff09<\/h1>\n\n\n\n<ol class=\"wp-block-list\">\n<li>\u751f\u6210\u8bc1\u4e66\uff08CA + Harbor\uff09<\/li>\n\n\n\n<li>\u914d\u7f6e <code>harbor.yml<\/code> \u542f\u52a8 https<\/li>\n\n\n\n<li>Docker \u5ba2\u6237\u7aef\u4fe1\u4efb CA<\/li>\n\n\n\n<li>login \u2192 push \u2192 pull<\/li>\n<\/ol>\n\n\n\n<p>\u5373\u53ef\u5b8c\u6210\u5b89\u5168\u7684 Harbor \u79c1\u6709\u4ed3\u5e93\u90e8\u7f72\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u4e0b\u9762\u7ed9\u4f60\u4e00\u4efd \u6e05\u6670\u3001\u7cfb\u7edf\u3001\u53ef\u76f4\u63a5\u7528\u4e8e\u5b9e\u6218\u7684\u300aDocker \u57fa\u7840\uff1a\u79c1\u5e93\u7cfb\u5217\uff1a\u518d\u63a2 &#8230; <a class=\"more-link\" href=\"https:\/\/www.52runoob.com\/index.php\/2025\/12\/01\/docker%e5%9f%ba%e7%a1%80%ef%bc%9a%e7%a7%81%e5%ba%93%e7%b3%bb%e5%88%97%ef%bc%9a%e5%86%8d%e6%8e%a2harbor%ef%bc%9a4-https%e6%96%b9%e5%bc%8f%e7%9a%84%e7%a7%81%e5%ba%93%e7%ae%a1%e7%90%86\/\">Continue Reading &rarr;<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[12],"tags":[],"class_list":["post-371","post","type-post","status-publish","format-standard","hentry","category-12"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/www.52runoob.com\/index.php\/wp-json\/wp\/v2\/posts\/371","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.52runoob.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.52runoob.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.52runoob.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.52runoob.com\/index.php\/wp-json\/wp\/v2\/comments?post=371"}],"version-history":[{"count":1,"href":"https:\/\/www.52runoob.com\/index.php\/wp-json\/wp\/v2\/posts\/371\/revisions"}],"predecessor-version":[{"id":372,"href":"https:\/\/www.52runoob.com\/index.php\/wp-json\/wp\/v2\/posts\/371\/revisions\/372"}],"wp:attachment":[{"href":"https:\/\/www.52runoob.com\/index.php\/wp-json\/wp\/v2\/media?parent=371"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.52runoob.com\/index.php\/wp-json\/wp\/v2\/categories?post=371"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.52runoob.com\/index.php\/wp-json\/wp\/v2\/tags?post=371"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}