squashing down to a single commit and change back to cert.pem
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
Upstream-commit: 5cd64cb93fe64c6ab7b22ef3dbe4ea06ef5e79b9
Component: engine
subjectAltName=IP:x.x.x.x
this allows for connecting to the docker server from docker client
using the dns name OR using the IP address (lots of docker stuff
prefers IP addresses)
Signed-off-by: Greg Fausak <greg@tacodata.com>
Upstream-commit: df8d80710297385aa7c8db41fdd1ef6795e39ae3
Component: engine
Fix typos in setup docs where tcp://:2376 is used without the $HOST
parameter.
Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com>
Upstream-commit: 6a1da678de2150a0dcf943614b6c1a1a2012ab38
Component: engine
Colon was bold, but regular at other occurences.
Blame cf27b310c4fc8d2c13ba181398a628d03e1e3c58
Signed-off-by: Lorenz Leutgeb <lorenz.leutgeb@gmail.com>
Upstream-commit: a51554988e615b317e95125f5612a28c3bff8e8a
Component: engine
* Adjust header to match _page_title
* Add instructions on deletion of CSRs and setting permissions
* Simplify some path expressions and commands
* Consqeuently use ~ instead of ${HOME}
* Precise formulation ('key' vs. 'public key')
* Fix wrong indentation of output of `openssl req`
* Use dash ('--') instead of minus ('-')
Remark on permissions:
It's not a problem to `chmod 0400` the private keys, because the
Docker daemon runs as root (can read the file anyway) and the Docker
client runs as user.
Signed-off-by: Lorenz Leutgeb <lorenz.leutgeb@gmail.com>
Upstream-commit: 02a793c6a133f46129d0fc83ce218d3a92f1e644
Component: engine
Using --insecure is (you guessed it) *insecure* as the server side
certificate is not being validated. To offer the same degree of
security as invocations of the docker client in "Secure by default"
with cURL, the trusted CA certificate must be supplied.
Signed-off-by: Lorenz Leutgeb <lorenz.leutgeb@gmail.com>
Upstream-commit: 26187bd851141236a909c0bada5a2743fc237e0e
Component: engine
With -CAcreateserial the serial file will be automatically created
and initialized if it is missing.
Signed-off-by: Lorenz Leutgeb <lorenz.leutgeb@gmail.com>
Upstream-commit: 131c62d7661ace86453de540cb1a58956b59e347
Component: engine
Do not encrypt private keys in the first place, if the encryption
is stripped anyway.
Signed-off-by: Lorenz Leutgeb <lorenz.leutgeb@gmail.com>
Upstream-commit: f957f258d722fa563ead0a14978acca7c6745d3f
Component: engine
This makes it possible to make the Docker client "secure by default"
without wrapping the binary in a shell alias so that `--tlsverify` is
always passed.
Signed-off-by: Aanand Prasad <aanand.prasad@gmail.com>
Upstream-commit: 19fb942d3609f647adeda68c6ca106371c7b32ac
Component: engine
DOCKER_CONFIG was introduced in #6984.
We may use "config" for other purposes (e.g. #7232). Until we
have made a design decision around how configuration files will
work, DOCKER_CERT_PATH is a much safer name to rely on for future
compatibility.
Docker-DCO-1.1-Signed-off-by: Ben Firshman <ben@firshman.co.uk> (github: bfirsh)
Upstream-commit: a49de2c46713149053b0ee25313c6f7a39273c25
Component: engine
This commit proposes some minor amendments and updates
for the articles/https.md document to fix certain errors, inc.:
- Marking commands / flags as code (e.g. `tlsverify`) [done before rebase]
- Capitalising the word Docker
- Normalizing headers to match the rest of the docs;
- Expanding the page description to match the page title and the content;
- Capitalizing HTTPS etc.;
- Some spelling error fixes;
- Line-length adjustments to make it easier to read the raw file.
It does not propose any fundemental changes to the structure of the document.
Certain changes were based before another update on this doc.
Docker-DCO-1.1-Signed-off-by: O.S. Tezer <ostezer@gmail.com> (github: ostezer)
Upstream-commit: 711fb3e19d4caf7f084d8d1eaca85cfbaef6e978
Component: engine
Can now dynamically set the docker config directory through an
environment variable.
export DOCKER_CONFIG=/path/to/docker_config/
Default behavior remains the same, e.g. ~/.docker
Documentation for change added to the https.md docs.
Docker-DCO-1.1-Signed-off-by: James A. Kyle <james@jameskyle.org> (github: jameskyle)
Upstream-commit: c0471ee35aa58a99b423ad914301194e8f3663c1
Component: engine
* Added User Guide section outlines.
* Added User Guide to menu.
* Moved HTTPS example to articles.
* Replaced Hello World example with User Guide.
* Moved use cases out of examples.
* Updated Introduction to add User Guide.
* Redirected migrated /use and /articles links.
* Added Docker.io section
* Added Dockerized section
* Added Using Docker section
* Added Docker Images section
* Added Docker Links section
* Added Docker Volumes section
Docker-DCO-1.1-Signed-off-by: James Turnbull <james@lovedthanlost.net> (github: jamtur01)
Upstream-commit: a7b2c4804b2d98c2b5622db40d3d70b88529d7fe
Component: engine
