I have setup a docker registry for my university for us to start using for sensitive images. Everything is set we just need to open it up to the outside world. However, our security guys have given a great big “no” on that one. The docker container registry image is running TLS 1.0. We must disable that before we can open it to the outside world and integrate it into our cloud infrastructure. I can’t find any guidance on how to do such, though it appears I’m not the first to ask.
Additionally, they are also requiring we turn on HSTS, I have found absolutely nothing regarding that.