Container Registry supports custom domain names. This feature allows you to configure a custom domain name with an SSL certificate for a Container Registry Enterprise Edition instance. Then, you can use the custom domain name to access the instance based on the HTTPS protocol. This topic describes how to use a custom domain name to access a Container Registry Enterprise Edition instance.
Prerequisites
- A domain name with an Internet Content Provider (ICP) filing is obtained.
A domain name consists of a series of labels that are separated by periods (.). You can identify the location of a Container Registry Enterprise Edition instance based on its domain name. You can register a domain name in the Alibaba Cloud Domains console. For more information, see What is Domains?.Note If the Container Registry Enterprise Edition instance for which you want to configure a domain name is deployed outside China, you do not need to obtain an ICP filing for the domain name.
- An SSL certificate is obtained.
SSL certificates comply with the HTTPS protocol. If a Container Registry Enterprise Edition instance uses a domain name that has an SSL certificate, you can enable HTTPS authentication and encryption for the instance. This secures data transmission.
SSL Certificates Service provides digital server certificates that are issued by certification authorities (CAs) both inside and outside China on the Alibaba Cloud platform. SSL Certificates Service helps you transform your services from HTTP to HTTPS at the minimum cost. You can purchase or upload an SSL certificate in the SSL Certificates Service console. For more information, see Purchase an SSL Certificates Service instance.
Note If you want to use an SSL certificate that is purchased from and signed by a third-party certificate service provider, you must upload the SSL certificate to SSL Certificates Service. For more information, see Upload certificates. - Alibaba Cloud DNS is activated.
Alibaba Cloud DNS can resolve a custom domain name to the IP addresses of the Container Registry Enterprise Edition instance. Then, requests can be routed to the Container Registry Enterprise Edition instance. For more information, see Activate Alibaba Cloud DNS PrivateZone.
- A RAM role that has permissions on SSL certificates is configured.
Before you use a custom domain name, create a RAM role for your Alibaba Cloud account and grant the RAM role permissions to access SSL certificates. This allows Container Registry to access SSL certificates. For more information, see Grant permissions to a RAM role before you use a custom domain name.
Add a custom domain name
- Each instance provides two default domain names: a public domain name and a private domain name.
- You can add custom domain names for an instance.
Configure access control and Alibaba Cloud DNS
Access over the Internet
After you configure access over the Internet and add the custom domain name in Alibaba Cloud DNS, you can use the custom domain name to access your Container Registry Enterprise Edition instance over the Internet.
Access over a VPC
After you configure access over a virtual private cloud (VPC) and PrivateZone, you can use the custom domain name to access your Container Registry Enterprise Edition instance over a VPC.