The configuration file specifies the domain name to use http, but the push mode is still https

[guolong123]

my config file：

# cat buildkit-config.toml
debug = true
insecure-entitlements = [ "network.host", "security.insecure"]
[registry."registry.ketaops.cn"]
  http = true

# create buildx driver
docker buildx create --use --driver docker-container --platform linux/amd64,linux/arm64 --name multi-builder-1 --config ./buildkit-config.toml

# build image and push
docker buildx build --platform linux/amd64 -t registry.ketaops.cn/xishuhq/keta-agent:230130-2 -o type=registry .

# error
...
> exporting to image:
------
ERROR: failed to solve: failed to push registry.ketaops.cn/xishuhq/keta-agent:230130-2: failed to do request: Head "https://registry.ketaops.cn/v2/xishuhq/keta-agent/blobs/sha256:be916d61283eab10f4e91e8fdf4edf25ec5e6afe29e3750050801b7401ac1acd": x509: certificate is valid for ingress.local, not registry.ketaops.cn

I've tried using local IP+ port and found it works. Why is there a problem when using domain names?

In addition, the IP address resolved by my domain name is the Intranet address of my server, and this domain name supports only http, not https

[crazy-max]

[registry."registry.ketaops.cn"]
  http = true
  insecure = true

might also be related to https://github.com/moby/buildkit/pull/3382

[guolong123]

[registry."registry.ketaops.cn"]
  http = true
  insecure = true

也可能与#3382有关

Seen the [3382] (https://github.com/moby/buildkit/pull/3382), but I didn't set the HTTP and insecure at the same time, not only set the HTTP

Also, I have tried to set it at the same time and it doesn't work. It is OK to set http to ketaops.cn and also point the mirror address to ketaops.cn，It seems that using the full domain name is problematic