From 3c30fc8e45d67d3a7b248da22bbb30b91d3aab05 Mon Sep 17 00:00:00 2001
From: pytimer <lixin20101023@gmail.com>
Date: Mon, 26 Aug 2019 06:26:26 +0800
Subject: [PATCH] Add --insecure flag usage document in readme (#113)

---
 README.md | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)

diff --git a/README.md b/README.md
index bd7dbd314..4a252f795 100644
--- a/README.md
+++ b/README.md
@@ -139,6 +139,40 @@ To remove the entry from the credentials file, use `oras logout`:
 oras logout localhost:5000
 ```
 
+#### Example using with insecure Docker registry
+
+You want to login the registry without certificate if using the self-signed certificate or unencrypted HTTP connection Docker registry. `oras` support `--insecure` flag to login, it like the Docker daemon `insecure-registries` configuration.
+
+First, create a valid htpasswd file (must use `-B` for bcrypt):
+
+```
+htpasswd -cB -b auth.htpasswd myuser mypass
+```
+
+Next, start a registry using that file for auth and listen the `0.0.0.0` address:
+
+```
+docker run -it --rm -p 8443:443 \
+    -v $(pwd)/auth.htpasswd:/etc/docker/registry/auth.htpasswd \
+    -e REGISTRY_AUTH="{htpasswd: {realm: localhost, path: /etc/docker/registry/auth.htpasswd}}" \
+    -e REGISTRY_HTTP_ADDR=0.0.0.0:443 \
+    registry
+```
+
+In a new window, login with `oras` using the ip address not localhost:
+
+```
+oras login -u myuser -p mypass --insecure <registry-ip>:8443
+```
+
+You will notice a new entry for `<registry-ip>:8443` appear in `~/.docker/config.json`.
+
+To remove the entry from the credentials file, use `oras logout`:
+
+```
+oras logout <registry-ip>:8443
+```
+
 ### Usage
 
 #### Pushing single files to remote registry