Self signed certificates

[ghost]

Hi ! Thanks for your work ! I'm triing to set up the proxy but I can't do that because my gitlab registry is self signed (on intranet). Nginx says me : error self signed certificate.

How can I bypass this error ?

And, is it production ready ?

Thanks !!

[rpardini]

Yes, many people are using this in production, few people are using it securely. Please read the README, the Dockerfile, nginx.conf and entrypoint.sh, and you'll discover how to disable upstream cert verification, and hopefully realize it's a terrible idea, and just fix your gitlab cert, eg, use LetsEncrypt. Good luck.

[rpardini]

Again, I can not stress this too much: disabling SSL verification disables it for ALL the upstreams, even DockerHub. This leaves you vulnerable to a number of attacks, not only between this and your insecure registry, but between this and any registry even if unrelated. Don't do it.