From 3ae7d9ca651a30e46ab8ccac47b602db917f4f03 Mon Sep 17 00:00:00 2001 From: Wang Jie Date: Wed, 23 Aug 2017 07:45:22 +0800 Subject: [PATCH] Update insecure.md (#4318) --- docs/insecure.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/docs/insecure.md b/docs/insecure.md index 66869602..933d2732 100644 --- a/docs/insecure.md +++ b/docs/insecure.md @@ -9,10 +9,10 @@ issued by a known CA, you can choose to use self-signed certificates, or use your registry over an unencrypted HTTP connection. Either of these choices involves security trade-offs and additional configuration steps. -## Deploying a plain HTTP registry +## Deploy a plain HTTP registry > **Warning**: -> it's not possible to use an insecure registry with basic authentication. +> It's not possible to use an insecure registry with basic authentication. {:.warning} This procedure configures Docker to entirely disregard security for your @@ -51,10 +51,10 @@ isolated testing or in a tightly controlled, air-gapped environment. Repeat these steps on every Engine host that wants to access your registry. -## Using self-signed certificates +## Use self-signed certificates > **Warning**: -> using this along with basic authentication requires to **also** trust the certificate into the OS cert store for some versions of docker (see below) +> Using this along with basic authentication requires to **also** trust the certificate into the OS cert store for some versions of docker (see below) {:.warning} This is more secure than the insecure registry solution. @@ -71,7 +71,7 @@ This is more secure than the insecure registry solution. Be sure to use the name `myregistrydomain.com` as a CN. -2. Use the result to [start your registry with TLS enabled](./deploying.md#get-a-certificate) +2. Use the result to [start your registry with TLS enabled](./deploying.md#get-a-certificate). 3. Instruct every Docker daemon to trust that certificate. The way to do this depends on your OS. @@ -103,7 +103,7 @@ This is more secure than the insecure registry solution. Restart Docker. -## Troubleshooting insecure registry +## Troubleshoot insecure registry This sections lists some common failures and how to recover from them. @@ -160,6 +160,6 @@ Then, select the following options: * Click **Browser**, and select **Trusted Root Certificate Authorities** * Click **Finish** -[Learn more about managing TLS certificates](https://technet.microsoft.com/en-us/library/cc754841(v=ws.11).aspx#BKMK_addlocal) +[Learn more about managing TLS certificates](https://technet.microsoft.com/en-us/library/cc754841(v=ws.11).aspx#BKMK_addlocal). After adding the CA certificate to Windows, restart Docker for Windows.