以Harbor为例,ssl证书更新后,docker-compose启动不起作用。
问题出在一句很重要的命令:./prepare
步骤:(Harbor样例)
cd /data/ssl 换ssl证书
Harbor.yml ssl证书部分:
# Configuration file of Harbor # The IP address or hostname to access admin UI and registry service. # DO NOT use localhost or 127.0.0.1, because Harbor needs to be accessed by external clients. hostname: reg.xxx.cn # http related config http: # port for http, default is 80. If https enabled, this port will redirect to https port port: 80 # https related config https: # https port for harbor, default is 443 port: 443 # The path of cert and key files for nginx certificate: /data/ssl/xxx.cn_server.crt private_key: /data/ssl/xxx.cn_server.key # # Uncomment following will enable tls communication between all harbor components # internal_tls: # # set enabled to true means internal tls is enabled # enabled: true # # put your cert and key files on dir # dir: /etc/harbor/tls/internal # Uncomment external_url if you want to enable external proxy # And when it enabled the hostname will no longer used # external_url: https://reg.mydomain.com:8433 # The initial password of Harbor admin # It only works in first time to install harbor # Remember Change the admin password from UI after launching Harbor.
然后:
docker-compose down
docker ps -a
./prepare #这个必须得执行,否则ssl证书不生效
docker-compose up -d
docker ps
联系客服