44. htpasswd
.htpasswd
is
a
flat-‐file
used
to
store
usernames
and
password
for
basic
authentication
on
an
Apache
HTTP
Server
$
sudo
apt-‐get
-‐y
install
apache2-‐utils
CMD
45. htpasswd
$
htpasswd
-‐c
.htpasswd
dobestan
New
password:
Re-‐type
new
password:
Adding
password
for
user
dobestan
CMD
Result
$
cat
.htpasswd
dobestan:$apr1$mtXLPDLn$YXdZDqy8Rrbtq39iieV2B0
CMD
Result
47. docker
push
$
docker
push
54.64.158.154/hello_world
CMD
Result
The
push
refers
to
a
repository
[54.64.158.154/hello_world]
Sending
image
list
Pushing
repository
54.64.158.154/hello_world
(1
tags)
511136ea3c5a:
Pushing
2014/09/20
23:36:39
HTTP
code
401,
Docker
will
not
send
auth
headers
over
HTTP.
50. Self
Signed
Certi
$
openssl
genrsa
-‐out
private_key.pem
2048
CMD
1.
개인키
생성하기
51. Self
Signed
Certi
$
openssl
req
-‐new
-‐key
private_key.pem
-‐out
server.csr
Country
Name
(2
letter
code)
[AU]:KO
State
or
Province
Name
(full
name)
[Some-‐State]:Seoul
Locality
Name
(eg,
city)
[]:Seoul
Organization
Name
(eg,
company):Dreampic
Organizational
Unit
Name
(eg,
section)
[]:Dev
Common
Name
(e.g.
server
FQDN
or
YOUR
name)
[]:54.64.158.154
Email
Address
[]:dobestan@gmail.com
CMD
Result
2.
CSR
생성하기
52. Self
Signed
Certi
3.
$
openssl
x509
-‐req
-‐days
365
-‐in
server.csr
-‐signkey
private_key.pem
-‐out
server.crt
CMD
Result
인증서
발급하기
Signature
ok
subject=/C=KO/ST=Seoul/L=Seoul/O=Dreampic/OU=Dev/CN=54.64.158.154/
emailAddress=dobestan@gmail.com
Getting
Private
key
53. Self
Signed
Certi
4.
인증서
설치하기
$
sudo
cp
server.crt
/usr/share/ca-‐certificates/ CMD
$
echo
"server.crt"
|
sudo
tee
-‐a
/etc/ca-‐certificates.conf
CMD
$
sudo
update-‐ca-‐certificates
CMD
Result
!
Updating
certificates
in
/etc/ssl/certs...
1
added,
0
removed;
done.
Running
hooks
in
/etc/ca-‐certificates/update.d....done.
54. docker
login
$
docker
login
54.64.158.154
CMD
Result
Username:
dobestan
Password:
Email:
dobestan@gmail.com
2014/09/25
14:16:25
Error
response
from
daemon:
Invalid
Registry
endpoint:
Get
https://54.64.158.154/v1/_ping:
x509:
cannot
validate
certificate
for
54.64.158.154
because
it
doesn't
contain
any
IP
SANs
55. Error
response
from
daemon:
Invalid
Registry
endpoint
x509:
cannot
validate
certificate
for
it
doesn't
contain
any
IP
SANs
58. Self
Signed
Certi
$
openssl
req
-‐new
-‐key
private_key.pem
-‐out
server.csr
Country
Name
(2
letter
code)
[AU]:KO
State
or
Province
Name
(full
name)
[Some-‐State]:Seoul
Locality
Name
(eg,
city)
[]:Seoul
Organization
Name
(eg,
company):Dreampic
Organizational
Unit
Name
(eg,
section)
[]:Dev
Common
Name
:
registry.dobestan.com
Email
Address
[]:dobestan@gmail.com
CMD
Result
2.
CSR
생성하기
:
도메인
이름으로