docs/doc/source/security/kubernetes/configure-docker-registry-certificate-after-installation-c519edbfe90a.rst
Elisamara Aoki Goncalves 8314d46f72 Configuring docker registry certificate
Update documentation regarding the Docker Registry certificate.
Remove deprecated section Local Registry Server Certificates.
Fix ref link.

Story: 2009811
Task: 50152

Change-Id: Id6b3469419b5d1a3a195795535aa496334dec211
Signed-off-by: Elisamara Aoki Goncalves <elisamaraaoki.goncalves@windriver.com>
2024-09-23 12:26:36 +00:00

965 B

Configure Docker Registry Certificate

During installation, the Platform Issuer (system-local-ca) will automatically issue a certificate used to secure access to the Local Docker Registry API. After bootstrap, this certificate's fields can be updated using the procedure migrate-platform-certificates-to-use-cert-manager-c0b1727e4e5d. The certificate will be managed by cert-manager (auto renewed upon expiration).

This certificate will be stored in a Kubernetes secret in namespace deployment, named system-registry-local-certificate. It will be managed by cert-manager, renewed upon expiration and the required services restarted automatically.

The certificate will be anchored by system-local-ca's Root . For more information, refer to system-local-ca-issuer-9196c5794834.