I'm not able to auth on private registry
jeusdi opened this issue · 4 comments
I've create an htpasswd file and a certificate (a .crt + .key files).
After that I start my registry:
docker run -d -p 5000:5000 -p 444:443 --restart=always --name registry
-v /root/docker-registry/auth/:/auth
-e "REGISTRY_AUTH=htpasswd"
-e "REGISTRY_AUTH_HTPASSWD_REALM=Restricted"
-e REGISTRY_AUTH_HTPASSWD_PATH=/auth/docker-registry.htpasswd
-v /root/docker-registry/certs/:/certs
-e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/docker-registry.crt
-e REGISTRY_HTTP_TLS_KEY=/certs/docker-registry.key registry:2
So, I'm trying to login on registry, but I'm receiving this response:
docker login -u XXX -p PPP -e xxx@xxx.xxx localhost:5000
Response:
Warning: '-e' is deprecated, it will be removed soon. See usage.
Error response from daemon: login attempt to https://localhost:5000/v2/ failed with status: 401 Unauthorized
I've took a look on logs (docker logs registry):
172.17.0.1 - - [18/Jul/2016:07:49:16 +0000] "GET /v2/ HTTP/1.1" 401 87 "" "docker/1.11.2 go/go1.5.4 git-commit/b9f10c9 kernel/3.10.0-327.18.2.el7.x86_64 os/linux arch/amd64 UpstreamClient(Docker-Client/1.11.2 (linux))"
time="2016-07-18T07:49:16Z" level=error msg="error authenticating user "jordi": authentication failure" go.version=go1.6.2 http.request.host="localhost:5000" http.request.id=209842a5-2d5c-468b-a444-2b960c2fb696 http.request.method=GET http.request.remoteaddr="172.17.0.1:58953" http.request.uri="/v2/" http.request.useragent="docker/1.11.2 go/go1.5.4 git-commit/b9f10c9 kernel/3.10.0-327.18.2.el7.x86_64 os/linux arch/amd64 UpstreamClient(Docker-Client/1.11.2 (linux))" instance.id=74445728-3e01-4ef6-9027-109b5fcfd135 version=v2.4.1
time="2016-07-18T07:49:16Z" level=warning msg="error authorizing context: basic authentication challenge for realm "Restricted": authentication failure" go.version=go1.6.2 http.request.host="localhost:5000" http.request.id=209842a5-2d5c-468b-a444-2b960c2fb696 http.request.method=GET http.request.remoteaddr="172.17.0.1:58953" http.request.uri="/v2/" http.request.useragent="docker/1.11.2 go/go1.5.4 git-commit/b9f10c9 kernel/3.10.0-327.18.2.el7.x86_64 os/linux arch/amd64 UpstreamClient(Docker-Client/1.11.2 (linux))" instance.id=74445728-3e01-4ef6-9027-109b5fcfd135 version=v2.4.1
172.17.0.1 - - [18/Jul/2016:07:49:16 +0000] "GET /v2/ HTTP/1.1" 401 87 "" "docker/1.11.2 go/go1.5.4 git-commit/b9f10c9 kernel/3.10.0-327.18.2.el7.x86_64 os/linux arch/amd64 UpstreamClient(Docker-Client/1.11.2 (linux))"
I've been working on this issue for a long time, but I'm quite able to figure out waht I'm doing wrong...
You given me a clue. I've dug out a bit and I've realised I used htpasswd command tool without -B option:
htpasswd -Bbn user passwd > docker-registry.htpasswd
It works fine now using this command:
docker login -u user -p passwd -e xxx@xxx.xxx localhost:5000
Login Succeeded
However, as you can see before I've configured registry with TLS certificates.
docker login -u user -p passwd -e xxx@xxx.xxx https://localhost:443
I'm comming up with this message each time:
Error response from daemon: Get http://localhost:443/v1/users/: read tcp [::1]:58076->[::1]:443: read: connection reset by peer
registry is listening on 443 and 5000:
# docker port registry
443/tcp -> 0.0.0.0:443
5000/tcp -> 0.0.0.0:5000
So, I'm trying to connect to it using only secured connection...
I have the same problem,please help