0%

harbor更新ssl证书

申请证书

下载下来的证书.pem格式可以直接修改成.crt格式.
私钥.key格式的文件.

更新harbor证书

服务器harbordocker-compose启动.

  1. 更新这个目录下证书文件
    cat harbor.yml
# https related config
https:
#   # https port for harbor, default is 443
  port: 443
#   # The path of cert and key files for nginx
  certificate: /usr/local/bin/harbor/certs/harbor.crt
  private_key: /usr/local/bin/harbor/certs/harbor.key
  1. 找到harbornginx映射的cert目录,更新其中的证书.
    cat docker-compose.yml 
proxy:
    image: goharbor/nginx-photon:v1.9.1
    container_name: nginx
    volumes:
      - ./common/config/nginx:/etc/nginx:z
      - /data/harbor/secret/cert:/etc/cert:z
    networks:
      - harbor
    dns_search: .
# ...
  1. 重启nginx
    docker-compose restart proxy