IBM Security QRadar SOAR

 View Only
Expand all | Collapse all

Question on configuring a private repository for Apphost

  • 1.  Question on configuring a private repository for Apphost

    Posted Mon July 18, 2022 09:24 AM
    I have setup a private repository for Apphost as mentioned in Configuring a private repository - IBM Documentation.
    When I deploy app using public repository like quay.io everything work fine.
    When using my private repo I got the following error even though I had added self-signed cert to trusted store in apphost:

    """

    ErrImagePull: rpc error: code = Unknown desc = failed to pull and unpack image "x.x.x.x:5000/ibmresilient/fn_utilities:2.1.1": failed to resolve reference "x.x.x.x:5000/ibmresilient/fn_utilities:2.1.1": failed to do request: Head "https://x.x.x.x:5000/v2/ibmresilient/fn_utilities/manifests/2.1.1": x509: certificate signed by unknown authority

    """

    Do you guys have any solutions to this?

    ------------------------------
    Nguyen Duc Huy
    ------------------------------


  • 2.  RE: Question on configuring a private repository for Apphost

    InnerCircle
    Posted Tue July 19, 2022 07:53 AM
    You need to make sure you tag your images appropriately.  AppHost expects to find the image under <private repo host>:<private repo port>/ibmresilient/<package name>:<package version>

    So for your fn_utilities 2.1.1

    docker build --no-cache -t x.x.x.x:5000/ibmresilient/fn_utilities:2.1.1 .
    docker push x.x.x.x:5000/ibmresilient/fn_utilities:2.1.1

    For the certificate errors, you may try this IBM KB to see if it fixes your self-signed certificate:
    https://www.ibm.com/docs/en/cloud-paks/cp-management/2.2.x?topic=tcnm-logging-into-your-docker-registry-fails-x509-certificate-signed-by-unknown-authority-error


    ------------------------------
    David Vasil
    ------------------------------