Commit 599ca98c authored by DQ's avatar DQ
Browse files

Hidden veriify client cert verfiy option



Remove to avoid replication access core from external_url issue
Signed-off-by: default avatarDQ <dengq@vmware.com>
parent 4a292bf1
......@@ -21,8 +21,6 @@ https:
# internal_tls:
# # set enabled to true means internal tls is enabled
# enabled: true
# # verify_client_cert used to decide whether verify client certificate
# verify_client_cert: false
# # put your cert and key files on dir
# dir: /etc/harbor/tls/internal
......
......@@ -37,8 +37,6 @@ https:
# internal_tls:
# # set enabled to true means internal tls is enabled
# enabled: true
# # verify_client_cert used to decide whether verify client certificate
# verify_client_cert: false
# # put your cert and key files on dir
# dir: /etc/harbor/tls/internal
......
......@@ -342,7 +342,7 @@ def parse_yaml_config(config_file_path, with_notary, with_clair, with_trivy, wit
if internal_tls_config and internal_tls_config.get('enabled'):
config_dict['internal_tls'] = InternalTLS(
internal_tls_config['enabled'],
internal_tls_config['verify_client_cert'],
False,
internal_tls_config['dir'],
configs['data_volume'],
with_notary=with_notary,
......
......@@ -7,7 +7,6 @@ sudo sed "s/reg.mydomain.com/$IP/" make/harbor.yml.tmpl |sudo tee make/harbor.ym
# enable internal tls
echo "internal_tls:" >> make/harbor.yml
echo " enabled: true" >> make/harbor.yml
echo " verify_client_cert: true" >> make/harbor.yml
echo " dir: /etc/harbor/tls/internal" >> make/harbor.yml
# TODO: remove it when scanner adapter support internal access of harbor
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment