Nginx

Is it possible to make authorization in a private Docker registry over SSL?

The situation is as follows: there is a server with a docker container with a registry on it (nginx is not present), there is another server with a central nginx (it proxies requests from the gateway to the necessary servers), and there are clients (ubunta) that want to connect to the registry.
What is the best way to do authorization by certificate (do I need to raise a separate container with nginx next to the registry container for this, or is it possible to get by with the main, central nginx)?
And is it possible to somehow authorize each client using a separate key (generate it on the side of the registry or nginx and throw it to the client so that he can log in to the registry) so that this key can be revoked at any time?
Since I recently got involved in docker, I will be glad if you share your experience, tell us how you implemented it. Perhaps some tips for automation. Links to mana are welcome, although what I read in Google is now such a mess in my head, everywhere it's different for everyone ...