Use Maven and Docker + Nexus 3 behind NGinx with HTTPS
But… I’m using Sonatype Nexus 3 as my private docker registry.
And I have a frontal NGinX.
I would like to setup NGinx with a self-signed certificate to be able to use Nexus as a registry.
Basically, I have that setup for NGinx:
ssl_certificate /home/AAA/certificates/adgroupe.priv/server-cert.pem; ssl_certificate_key /home/AAA/certificates/adgroupe.priv/server-key.pem; ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers RC4:HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on;
The 2 certificates being the ones generated with Docker documentation (link above).
I then can add with keytool my server.cert to my keystore, but how can I make both Maven and Docker trust that certificate? I mean, no one trust my CA since I generated it myself…
One Solution collect form web for “Use Maven and Docker + Nexus 3 behind NGinx with HTTPS”
I’m on a Debian based operating system, And i did it that way.
On your client AND your server, you just have to take the cert file and add it to the ca-certificates.
root@test:~/certs mkdir /usr/share/ca-certificates/myRegistry.example.com root@test:~/certs cp certificate.crt /usr/share/ca-certificates/myRegistry.example.com/ root@test:~/certs echo "myRegistry.example.com/certificate.crt" >> /etc/ca-certificates.conf root@test:~/certs update-ca-certificates Updating certificates in /etc/ssl/certs... 1 added, 0 removed; done. Running hooks in /etc/ca-certificates/update.d....done. # restart docker to refresh trusted CA root@test:~/certs systemctl restart docker
You will only be able to acces with the Common Name you gave it (for me it’s ): myRegistry.example.com.
Because I specified it when i created the cert
Common Name (e.g. server FQDN or YOUR name) :myRegistry.example.com
hope this helps