我正在尝试使用此 tutorial 运行私有(private) docker 注册表.但是在我完成所有操作并运行 docker-compose 之后,我从 nginx 容器中得到以下错误
no "ssl_certificate_key" is defined for certificate "/home/user/registry/nginx/ssl/key.pem"
这是 registry.conf 文件:
upstream docker-registry {
server registry:5000;
}
server {
listen 80;
server_name example.com;
return 301 https://example.com$request_uri;
}
server {
listen 443 ssl http2;
server_name privatesecurereg.netspan.com;
ssl_certificate /home/user/registry/nginx/ssl/csr.pem;
ssl_certificate /home/user/registry/nginx/ssl/key.pem;
# Log files for Debug
error_log /var/log/nginx/error.log;
access_log /var/log/nginx/access.log;
location / {
# Do not allow connections from docker 1.5 and earlier
# docker pre-1.6.0 did not properly set the user agent on ping, catch "Go *" user agents
if ($http_user_agent ~ "^(docker\/1\.(3|4|5(?!\.[0-9]-dev))|Go ).*$" ) {
return 404;
}
proxy_pass http://docker-registry;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 900;
}
}
什么是 rpobelom 以及如何修复它?
更新:
这是我的 docker-compose:
nginx:
image: nginx:alpine
container_name: nginx
restart: unless-stopped
tty: true
ports:
- "80:80"
- "443:443"
volumes:
- ./nginx/conf.d/:/etc/nginx/conf.d/
- ./nginx/ssl/:/etc/nginx/ssl/
networks:
- mynet
最佳答案
您将证书目录 /home/user/registry/nginx/ssl/ 挂载到 docker 中的 /etc/nginx/ssl
因此在 nginx 配置中你需要使用 /etc/nginx/ssl 下的 ssl 文件更改 fullchain.pem 或 privkey.pem 如果需要,顺便说一句,这是来自教程,请尝试遵循它
ssl_certificate /etc/nginx/ssl/fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/privkey.pem;
关于docker - Nginx 容器 : no "ssl_certificate_key" is defined for certificate,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/69211110/