BlackFriday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Docker Exam DCA Topic 5 Question 99 Discussion

Actual exam question for Docker's DCA exam
Question #: 99
Topic #: 5
[All DCA Questions]

Is this a way to configure the Docker engine to use a registry without a trusted TLS certificate?

Solution: Set IGNORE_TLS in the 'daemon.json' configuration file.

Show Suggested Answer Hide Answer
Suggested Answer: B

= This is not a way to configure the Docker engine to use a registry without a trusted TLS certificate. There is no such option as IGNORE_TLS in the daemon.json configuration file.The daemon.json file is used to configure various aspects of the Docker engine, such as logging, storage, networking, and security1.To use a registry without a trusted TLS certificate, you need to either add the certificate to the trusted root certificates of the system, or configure the Docker engine to allow insecure registries2.To add the certificate to the trusted root certificates, you need to copy the certificate file to the /etc/docker/certs.d/<registry-hostname>/ directory on every Docker host2.To configure the Docker engine to allow insecure registries, you need to add the registry hostname or IP address to the ''insecure-registries'' array in the daemon.json file3. For example:

{ ''insecure-registries'' : [''myregistry.example.com:5000''] }

Note that using insecure registries is not recommended, as it exposes you to potential man-in-the-middle attacks and data corruption3.You should always use a registry with a trusted TLS certificate, or use Docker Content Trust to sign and verify your images4.Reference:

Daemon configuration file | Docker Docs

Verify repository client with certificates | Docker Docs

Test an insecure registry | Docker Docs

Content trust in Docker | Docker Docs


by Lorenza at Sep 17, 2024, 11:11 AM

Limited Time Offer

25%

Off

Get Premium DCA Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Theron
1 months ago
I prefer to keep my TLS certificates in order, thank you very much. Wouldn't want any security breaches on my watch!
upvoted 0 times
Francesco
20 hours ago
B) No
upvoted 0 times
...
Nickie
21 days ago
A) Yes
upvoted 0 times
...
...
Lashunda
1 months ago
Wait, so we're just ignoring security best practices now? Sounds like a recipe for disaster to me.
upvoted 0 times
...
Eleonore
1 months ago
Yep, that's the way to do it. No need for fancy certificates when you're just playing around with Docker, amirite?
upvoted 0 times
Tamar
3 days ago
Exactly, no need for all that extra security when you're just testing things out.
upvoted 0 times
...
Oretha
15 days ago
A) Yes
upvoted 0 times
...
...
Vilma
1 months ago
Setting 'IGNORE_TLS' is the perfect solution for those of us who just can't be bothered with all that encryption nonsense. Ain't nobody got time for that!
upvoted 0 times
...
Eleonora
2 months ago
Haha, this is like the IT version of 'I'm not a cat!' Just ignore the security, what could go wrong?
upvoted 0 times
...
Maynard
2 months ago
Definitely the way to go! Who needs those pesky TLS certificates anyway? I'm all about that 'IGNORE_TLS' life!
upvoted 0 times
Bethanie
13 days ago
A) Definitely the way to go! Who needs those pesky TLS certificates anyway? I'm all about that 'IGNORE_TLS' life!
upvoted 0 times
...
Tegan
16 days ago
B) No
upvoted 0 times
...
Kasandra
25 days ago
A) Yes
upvoted 0 times
...
...
Denna
2 months ago
That makes sense. It's a way to bypass the TLS certificate check.
upvoted 0 times
...
Salina
2 months ago
Yes, we can set IGNORE_TLS in the 'daemon.json' configuration file.
upvoted 0 times
...
Denna
2 months ago
Do you think we can configure Docker engine to use a registry without a trusted TLS certificate?
upvoted 0 times
...

Save Cancel