I have setup a docker registry for my university for us to start using for sensitive images. Everything is set we just need to open it up to the outside world. However, our security guys have given a great big “no” on that one. The docker container registry image is running TLS 1.0. We must disable that before we can open it to the outside world and integrate it into our cloud infrastructure. I can’t find any guidance on how to do such, though it appears I’m not the first to ask.

Additionally, they are also requiring we turn on HSTS, I have found absolutely nothing regarding that.

To disable TLS 1.0 for client or server, change the DWORD value to 0. If an SSPI app requests to use TLS 1.0, it will be denied. To disable TLS 1.0 by default, create a DisabledByDefault entry and change the DWORD value to 1.

I believe this is a bot right? Interesting choice sending me to the windows registry to attempt to fix docker configurations.