我在内网一台服务器上搭建了私有CA中心来做自授权ssl证书,将生成的根证书导入浏览器后访问https没有再出现警告,但我在另外一台CentOS上使用curl https://username:password@my.domain.com:8000/也正常,但docker login https://my.domaian.com:8000/时报错:
certificate signed by unknown authority (possibly because of "crypto/rsa:
verification error" while trying to verify candidate authority certificate "my.domain.com")
问题是,在centos上怎样做才能够信任这个自签署的根证书CA呢
docker 有自己的证书存放目录,路径是 /etc/docker/certs.d/。格式详见官方文档:https://github.com/docker/docker/blob/master/docs/sources/articles/certificates.md
另外,操作系统添加根证书的各种姿势:
http://kb.kerio.com/product/kerio-connect/server-configuration/ssl-certificates/adding-trusted-root-certificates-to-the-server-1605.html