{"id":21800,"date":"2018-06-07T12:15:28","date_gmt":"2018-06-07T09:15:28","guid":{"rendered":"https:\/\/www.webcodegeeks.com\/?p=21800"},"modified":"2018-06-01T12:12:13","modified_gmt":"2018-06-01T09:12:13","slug":"secure-a-docker-registry-using-ssl","status":"publish","type":"post","link":"https:\/\/www.webcodegeeks.com\/devops\/secure-a-docker-registry-using-ssl\/","title":{"rendered":"Secure a docker registry using ssl"},"content":{"rendered":"

As mentioned on a previous<\/a> article having a registry with a username and password is not secure if the registry is not ssl configured.<\/p>\n

So we are going to add the ssl certificates to our registry. To make things easier we will use let\u2019s encrypt<\/a> which is free.<\/p>\n

Once we have generated the credentials we have to add them to the registry. We will create a directory called certificates which will contain the certificate pem file and the key pem file. Then we will move the generated certificates on the certificates directory with the names crt.pem and key.crt.<\/p>\n

We will follow exactly the same steps we followed in the previous<\/a> article to generate the password.<\/p>\n

docker run --entrypoint htpasswd registry:2 -Bbn {your-user} {your-password} > auth\/password-file<\/pre>\n
Now we are ready to create our registry by also specifying the certificates. To do so we will mount the certificates directory to our docker container. The we will specify where the registry is going to find the credentials on the containers filesystem<\/p>\n
docker run -d -p 5000:5000 --restart=always --name registry -v `pwd`\/auth:\/auth -v `pwd`\/certificates:\/certificates -e \"REGISTRY_AUTH=htpasswd\" -e \"REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm\" -e REGISTRY_AUTH_HTPASSWD_PATH=\/auth\/password-file -e REGISTRY_HTTP_TLS_CERTIFICATE=\/certificates\/crt.pem -e REGISTRY_HTTP_TLS_KEY=\/certificates\/key.pem registry:2<\/pre>\n
So your registry will pickup the credentials specified and will also use the certificates created.
\nNext step is to do the dns mapping and add a dns entry which directs your subdomain to your registry\u2019s ip.<\/p>\n
However if you just wan\u2019t to test it, you can run your registry locally and just change your \/etc\/hosts and add this entry.<\/p>\n
127.0.0.1 registry.{your certificate's domain }<\/pre>\n
Once you navigate through your browser to https:\/\/registry<\/a>.{your certificate\u2019s domain }:5000
\nyou will get a 200 status code and your browser will identify your connection as secure.<\/p>\n
\n\n\n\n
Published on Web Code Geeks with permission by Emmanouil Gkatziouras, partner at our WCG program<\/a>. See the original article here: Secure a docker registry using ssl<\/a><\/p>\n
Opinions expressed by Web Code Geeks contributors are their own.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n","protected":false},"excerpt":{"rendered":"
As mentioned on a previous article having a registry with a username and password is not secure if the registry is not ssl configured. So we are going to add the ssl certificates to our registry. To make things easier we will use let\u2019s encrypt which is free. Once we have generated the credentials we …<\/p>\n","protected":false},"author":99,"featured_media":10356,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[17],"tags":[217],"class_list":["post-21800","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-devops","tag-docker"],"yoast_head":"\nSecure a docker registry using ssl - Web Code Geeks - 2026<\/title>\n<meta name=\"description\" content=\"Interested to learn more about how to Secure docker registry? Then check out our detailed Secure a docker registry using ssl article where you will learn how to add the ssl certificate in order to secure your registry.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.webcodegeeks.com\/devops\/secure-a-docker-registry-using-ssl\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Secure a docker registry using ssl - Web Code Geeks - 2026\" \/>\n<meta property=\"og:description\" content=\"Interested to learn more about how to Secure docker registry? Then check out our detailed Secure a docker registry using ssl article where you will learn how to add the ssl certificate in order to secure your registry.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.webcodegeeks.com\/devops\/secure-a-docker-registry-using-ssl\/\" \/>\n<meta property=\"og:site_name\" content=\"Web Code Geeks\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/webcodegeeks\" \/>\n<meta property=\"article:published_time\" content=\"2018-06-07T09:15:28+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.webcodegeeks.com\/wp-content\/uploads\/2016\/01\/docker-logo.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"150\" \/>\n\t<meta property=\"og:image:height\" content=\"150\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Emmanouil Gkatziouras\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@webcodegeeks\" \/>\n<meta name=\"twitter:site\" content=\"@webcodegeeks\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Emmanouil Gkatziouras\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.webcodegeeks.com\/devops\/secure-a-docker-registry-using-ssl\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.webcodegeeks.com\/devops\/secure-a-docker-registry-using-ssl\/\"},\"author\":{\"name\":\"Emmanouil Gkatziouras\",\"@id\":\"https:\/\/www.webcodegeeks.com\/#\/schema\/person\/f242ded62465cfd1f8f091603351ba96\"},\"headline\":\"Secure a docker registry using ssl\",\"datePublished\":\"2018-06-07T09:15:28+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.webcodegeeks.com\/devops\/secure-a-docker-registry-using-ssl\/\"},\"wordCount\":293,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.webcodegeeks.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.webcodegeeks.com\/devops\/secure-a-docker-registry-using-ssl\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.webcodegeeks.com\/wp-content\/uploads\/2016\/01\/docker-logo.jpg\",\"keywords\":[\"Docker\"],\"articleSection\":[\"DevOps\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.webcodegeeks.com\/devops\/secure-a-docker-registry-using-ssl\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.webcodegeeks.com\/devops\/secure-a-docker-registry-using-ssl\/\",\"url\":\"https:\/\/www.webcodegeeks.com\/devops\/secure-a-docker-registry-using-ssl\/\",\"name\":\"Secure a docker registry using ssl - Web Code Geeks - 2026\",\"isPartOf\":{\"@id\":\"https:\/\/www.webcodegeeks.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.webcodegeeks.com\/devops\/secure-a-docker-registry-using-ssl\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.webcodegeeks.com\/devops\/secure-a-docker-registry-using-ssl\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.webcodegeeks.com\/wp-content\/uploads\/2016\/01\/docker-logo.jpg\",\"datePublished\":\"2018-06-07T09:15:28+00:00\",\"description\":\"Interested to learn more about how to Secure docker registry? Then check out our detailed Secure a docker registry using ssl article where you will learn how to add the ssl certificate in order to secure your registry.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.webcodegeeks.com\/devops\/secure-a-docker-registry-using-ssl\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.webcodegeeks.com\/devops\/secure-a-docker-registry-using-ssl\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.webcodegeeks.com\/devops\/secure-a-docker-registry-using-ssl\/#primaryimage\",\"url\":\"https:\/\/www.webcodegeeks.com\/wp-content\/uploads\/2016\/01\/docker-logo.jpg\",\"contentUrl\":\"https:\/\/www.webcodegeeks.com\/wp-content\/uploads\/2016\/01\/docker-logo.jpg\",\"width\":150,\"height\":150},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.webcodegeeks.com\/devops\/secure-a-docker-registry-using-ssl\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.webcodegeeks.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"DevOps\",\"item\":\"https:\/\/www.webcodegeeks.com\/category\/devops\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Secure a docker registry using ssl\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.webcodegeeks.com\/#website\",\"url\":\"https:\/\/www.webcodegeeks.com\/\",\"name\":\"Web Code Geeks\",\"description\":\"Web Developers Resource Center\",\"publisher\":{\"@id\":\"https:\/\/www.webcodegeeks.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.webcodegeeks.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.webcodegeeks.com\/#organization\",\"name\":\"Exelixis Media P.C.\",\"url\":\"https:\/\/www.webcodegeeks.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.webcodegeeks.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.webcodegeeks.com\/wp-content\/uploads\/2022\/06\/exelixis-logo.png\",\"contentUrl\":\"https:\/\/www.webcodegeeks.com\/wp-content\/uploads\/2022\/06\/exelixis-logo.png\",\"width\":864,\"height\":246,\"caption\":\"Exelixis Media P.C.\"},\"image\":{\"@id\":\"https:\/\/www.webcodegeeks.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/webcodegeeks\",\"https:\/\/x.com\/webcodegeeks\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.webcodegeeks.com\/#\/schema\/person\/f242ded62465cfd1f8f091603351ba96\",\"name\":\"Emmanouil Gkatziouras\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.webcodegeeks.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/5c6d031d211ab786ec335687ad6f3f076f93f47e24c92d78041d2f805ee6c291?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/5c6d031d211ab786ec335687ad6f3f076f93f47e24c92d78041d2f805ee6c291?s=96&d=mm&r=g\",\"caption\":\"Emmanouil Gkatziouras\"},\"description\":\"He is a versatile software engineer with experience in a wide variety of applications\/services.He is enthusiastic about new projects, embracing new technologies, and getting to know people in the field of software.\",\"sameAs\":[\"http:\/\/egkatzioura.wordpress.com\/\",\"https:\/\/gr.linkedin.com\/in\/gkatziourasemmanouil\"],\"url\":\"https:\/\/www.webcodegeeks.com\/author\/emmanouil-gkatziouras\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Secure a docker registry using ssl - Web Code Geeks - 2026","description":"Interested to learn more about how to Secure docker registry? Then check out our detailed Secure a docker registry using ssl article where you will learn how to add the ssl certificate in order to secure your registry.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.webcodegeeks.com\/devops\/secure-a-docker-registry-using-ssl\/","og_locale":"en_US","og_type":"article","og_title":"Secure a docker registry using ssl - Web Code Geeks - 2026","og_description":"Interested to learn more about how to Secure docker registry? Then check out our detailed Secure a docker registry using ssl article where you will learn how to add the ssl certificate in order to secure your registry.","og_url":"https:\/\/www.webcodegeeks.com\/devops\/secure-a-docker-registry-using-ssl\/","og_site_name":"Web Code Geeks","article_publisher":"https:\/\/www.facebook.com\/webcodegeeks","article_published_time":"2018-06-07T09:15:28+00:00","og_image":[{"width":150,"height":150,"url":"https:\/\/www.webcodegeeks.com\/wp-content\/uploads\/2016\/01\/docker-logo.jpg","type":"image\/jpeg"}],"author":"Emmanouil Gkatziouras","twitter_card":"summary_large_image","twitter_creator":"@webcodegeeks","twitter_site":"@webcodegeeks","twitter_misc":{"Written by":"Emmanouil Gkatziouras","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.webcodegeeks.com\/devops\/secure-a-docker-registry-using-ssl\/#article","isPartOf":{"@id":"https:\/\/www.webcodegeeks.com\/devops\/secure-a-docker-registry-using-ssl\/"},"author":{"name":"Emmanouil Gkatziouras","@id":"https:\/\/www.webcodegeeks.com\/#\/schema\/person\/f242ded62465cfd1f8f091603351ba96"},"headline":"Secure a docker registry using ssl","datePublished":"2018-06-07T09:15:28+00:00","mainEntityOfPage":{"@id":"https:\/\/www.webcodegeeks.com\/devops\/secure-a-docker-registry-using-ssl\/"},"wordCount":293,"commentCount":0,"publisher":{"@id":"https:\/\/www.webcodegeeks.com\/#organization"},"image":{"@id":"https:\/\/www.webcodegeeks.com\/devops\/secure-a-docker-registry-using-ssl\/#primaryimage"},"thumbnailUrl":"https:\/\/www.webcodegeeks.com\/wp-content\/uploads\/2016\/01\/docker-logo.jpg","keywords":["Docker"],"articleSection":["DevOps"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.webcodegeeks.com\/devops\/secure-a-docker-registry-using-ssl\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.webcodegeeks.com\/devops\/secure-a-docker-registry-using-ssl\/","url":"https:\/\/www.webcodegeeks.com\/devops\/secure-a-docker-registry-using-ssl\/","name":"Secure a docker registry using ssl - Web Code Geeks - 2026","isPartOf":{"@id":"https:\/\/www.webcodegeeks.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.webcodegeeks.com\/devops\/secure-a-docker-registry-using-ssl\/#primaryimage"},"image":{"@id":"https:\/\/www.webcodegeeks.com\/devops\/secure-a-docker-registry-using-ssl\/#primaryimage"},"thumbnailUrl":"https:\/\/www.webcodegeeks.com\/wp-content\/uploads\/2016\/01\/docker-logo.jpg","datePublished":"2018-06-07T09:15:28+00:00","description":"Interested to learn more about how to Secure docker registry? Then check out our detailed Secure a docker registry using ssl article where you will learn how to add the ssl certificate in order to secure your registry.","breadcrumb":{"@id":"https:\/\/www.webcodegeeks.com\/devops\/secure-a-docker-registry-using-ssl\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.webcodegeeks.com\/devops\/secure-a-docker-registry-using-ssl\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.webcodegeeks.com\/devops\/secure-a-docker-registry-using-ssl\/#primaryimage","url":"https:\/\/www.webcodegeeks.com\/wp-content\/uploads\/2016\/01\/docker-logo.jpg","contentUrl":"https:\/\/www.webcodegeeks.com\/wp-content\/uploads\/2016\/01\/docker-logo.jpg","width":150,"height":150},{"@type":"BreadcrumbList","@id":"https:\/\/www.webcodegeeks.com\/devops\/secure-a-docker-registry-using-ssl\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.webcodegeeks.com\/"},{"@type":"ListItem","position":2,"name":"DevOps","item":"https:\/\/www.webcodegeeks.com\/category\/devops\/"},{"@type":"ListItem","position":3,"name":"Secure a docker registry using ssl"}]},{"@type":"WebSite","@id":"https:\/\/www.webcodegeeks.com\/#website","url":"https:\/\/www.webcodegeeks.com\/","name":"Web Code Geeks","description":"Web Developers Resource Center","publisher":{"@id":"https:\/\/www.webcodegeeks.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.webcodegeeks.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.webcodegeeks.com\/#organization","name":"Exelixis Media P.C.","url":"https:\/\/www.webcodegeeks.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.webcodegeeks.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.webcodegeeks.com\/wp-content\/uploads\/2022\/06\/exelixis-logo.png","contentUrl":"https:\/\/www.webcodegeeks.com\/wp-content\/uploads\/2022\/06\/exelixis-logo.png","width":864,"height":246,"caption":"Exelixis Media P.C."},"image":{"@id":"https:\/\/www.webcodegeeks.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/webcodegeeks","https:\/\/x.com\/webcodegeeks"]},{"@type":"Person","@id":"https:\/\/www.webcodegeeks.com\/#\/schema\/person\/f242ded62465cfd1f8f091603351ba96","name":"Emmanouil Gkatziouras","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.webcodegeeks.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/5c6d031d211ab786ec335687ad6f3f076f93f47e24c92d78041d2f805ee6c291?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/5c6d031d211ab786ec335687ad6f3f076f93f47e24c92d78041d2f805ee6c291?s=96&d=mm&r=g","caption":"Emmanouil Gkatziouras"},"description":"He is a versatile software engineer with experience in a wide variety of applications\/services.He is enthusiastic about new projects, embracing new technologies, and getting to know people in the field of software.","sameAs":["http:\/\/egkatzioura.wordpress.com\/","https:\/\/gr.linkedin.com\/in\/gkatziourasemmanouil"],"url":"https:\/\/www.webcodegeeks.com\/author\/emmanouil-gkatziouras\/"}]}},"_links":{"self":[{"href":"https:\/\/www.webcodegeeks.com\/wp-json\/wp\/v2\/posts\/21800","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.webcodegeeks.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.webcodegeeks.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.webcodegeeks.com\/wp-json\/wp\/v2\/users\/99"}],"replies":[{"embeddable":true,"href":"https:\/\/www.webcodegeeks.com\/wp-json\/wp\/v2\/comments?post=21800"}],"version-history":[{"count":0,"href":"https:\/\/www.webcodegeeks.com\/wp-json\/wp\/v2\/posts\/21800\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.webcodegeeks.com\/wp-json\/wp\/v2\/media\/10356"}],"wp:attachment":[{"href":"https:\/\/www.webcodegeeks.com\/wp-json\/wp\/v2\/media?parent=21800"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.webcodegeeks.com\/wp-json\/wp\/v2\/categories?post=21800"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.webcodegeeks.com\/wp-json\/wp\/v2\/tags?post=21800"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}