How to setup private docker registry securely?

I am able to setup private docker registry insecurely and able to pull and push from remote hosts. However, i would like to change it to using secure connection. I have followed the instruction at https://docs.docker.com/articles/https/ but i am confused which steps to be followed at docker host running registry and which are to be executed at remote docker machine? Please help!!!

Thanks in advance

  • docker-compose v2 named volumes and volumes on host
  • Access cephfs inside docker without mounting cephfs on host
  • How to pull images to docker registry?
  • Dockerfile created for JBoss with MySQL image
  • docker-machine + openstack: proxy
  • Docker Container for Windows - desktop app
  • Unable to connect to Redis Cluster from inside Docker container
  • How to ensure dependencies on host are removed when we remove a docker container
  • DOCKER installation ERROR “Internal error: Failed to expand shell folder constant ”userdocs" on Windows
  • jenkins docker plugin job “Permission denied” error
  • How to figure out if docker master or agent running
  • Passenger+Nginx+Docker app setup
  • One Solution collect form web for “How to setup private docker registry securely?”

    The recommended way is to secure your registry using nginx for SSL-termination, with a valid SSL certificate.

    Here https://github.com/docker/docker-registry/tree/master/contrib/nginx you will find sample nginx configuration to achieve that (on the registry host, obviously).

    In case you can’t/won’t use a valid SSL certificate, you can still instruct your docker daemon hosts to either trust that certificate, or ignore cert validation errors (see here for more: https://docs.docker.com/reference/commandline/cli/#insecure-registries)

    Hope that helps.

    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.