Skip to content

x509 error in deploy stop logs

Jump to bottom
Arpit Saxena edited this page May 10, 2022 · 2 revisions

In case of x509 error during deploy/stop action:

  1. Renew certs for local docker registry:
    openssl req -newkey rsa:4096 -nodes -sha256 -keyout certs/domain.key -x509 -days 365 -out certs/domain.crt

    • In the "Common Name" field enter registry.mainvm

  2. Copy certs/* to /media/disk/certs/ on mainvm

  3. Copy domain.crt to /etc/docker/certs.d/registry.mainvm:5000/ca.crt on all VMs

  4. Stop and remove registry on mainvm. Do NOT purge volumes.

  5. Run registry using following command:

docker run -d \
  --restart=always \
  --name registry \
  -v /media/disk/certs:/certs \
  -v /media/disk/registry:/var/lib/registry \
  -e REGISTRY_HTTP_ADDR=0.0.0.0:443 \
  -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt \
  -e REGISTRY_HTTP_TLS_KEY=/certs/domain.key \
  -p 5000:443 \
  registry:2
  1. Wait 365 days to get the same error.
  2. Goto 1.

Clone this wiki locally