Cregganna
Cadet
- Joined
- Feb 13, 2023
- Messages
- 2
Hi,
New to TrueNAS so apologies if I don't follow protocol or have missed a piece of documentation somewhere on how to do this. I have searched but cannot find it referenced anywhere.
System: TrueNAS-SCALE-22.12.0
OS: Debian GNU/Linux 11
Issue: Pulling a Docker Image from a local Registry that is using a certificate created via TrueNAS Scale certificates results in:
I'm loving the Certificate management in the GUI and have used it to create my own Certificate Authority and used that to create Certificates.
The issue I have is that the CA (Cregganna.crt) is not installed as a trusted cert on the NAS itself.
My fix is to do the following as root from the Shell on the NAS.
This then allows me to pull the Docker Image (docker-registry.cregganna.com/lighttpd:latest) from the local docker registry using GUI->Apps->Manage Docker Images->Pull Image.
Of course, the issue is that modifying the system in this way requires knowledge of where TrueNAS Scale holds those certificates and seems to go against the perfectly reasonable principle of TrueNAS Scale only being modifiable via the GUI to minimize destabilization.
Would it be possible to add a feature where you could tick a box on the certificate in the GUI->Credentials->Certificates->Certificate Authority screen to "Trust on this NAS".
Many Thanks,
Anthony Jewell
New to TrueNAS so apologies if I don't follow protocol or have missed a piece of documentation somewhere on how to do this. I have searched but cannot find it referenced anywhere.
System: TrueNAS-SCALE-22.12.0
OS: Debian GNU/Linux 11
Issue: Pulling a Docker Image from a local Registry that is using a certificate created via TrueNAS Scale certificates results in:
I'm loving the Certificate management in the GUI and have used it to create my own Certificate Authority and used that to create Certificates.
The issue I have is that the CA (Cregganna.crt) is not installed as a trusted cert on the NAS itself.
My fix is to do the following as root from the Shell on the NAS.
Code:
cd /etc/ssl/certs ln -s /etc/certificates/CA/Cregganna.crt nas-Cregganna.crt service docker restart
This then allows me to pull the Docker Image (docker-registry.cregganna.com/lighttpd:latest) from the local docker registry using GUI->Apps->Manage Docker Images->Pull Image.
Of course, the issue is that modifying the system in this way requires knowledge of where TrueNAS Scale holds those certificates and seems to go against the perfectly reasonable principle of TrueNAS Scale only being modifiable via the GUI to minimize destabilization.
Would it be possible to add a feature where you could tick a box on the certificate in the GUI->Credentials->Certificates->Certificate Authority screen to "Trust on this NAS".
Many Thanks,
Anthony Jewell
