Score:0

Getting 401 Unauthorized while trying to pull images from local docker registry (harbor) from k3s


Due to work I need to self-host a local docker proxy cache using Harbor. So I went to their doc and I installed the server and configured it properly, accessing it via FQDN and using a self-signed certificate. I'm able to use docker login from external clients and docker pull without a problem.

My idea is to serve this Harbor server to the containerd service running inside a k3s cluster I have. From the cluster's control plane (hostname: control01) I can pull images:

/usr/local/bin/ctr -a /run/k3s/containerd/containerd.sock image pull harbor.virtalus.com/dockerhubproxy/library/ubuntu:20.04
harbor.virtalus.com/dockerhubproxy/library/ubuntu:20.04:                          resolved       |++++++++++++++++++++++++++++++++++++++|
index-sha256:4e9ed8dc49c4c21888f4053e59d7ef0959f57e77d0fbe47ba0063fddd6b70f2c:    done           |++++++++++++++++++++++++++++++++++++++|
manifest-sha256:7b3e30a1f373b0621681f13b92feb928129c1c38977481ee788a793fcae64fb9: exists         |++++++++++++++++++++++++++++++++++++++|
layer-sha256:8e5c1b329fe39c318c0d49821b339fb94a215c5dc0a2898c8030b5a4d091bcba:    exists         |++++++++++++++++++++++++++++++++++++++|
config-sha256:1a437e363abfa47bfe4b3f5906b7444d12346102d944ebddd537e47a62fc6f52:   exists         |++++++++++++++++++++++++++++++++++++++|
elapsed: 10.3s                                                                    total:  1.4 Ki (137.0 B/s)
unpacking linux/amd64 sha256:4e9ed8dc49c4c21888f4053e59d7ef0959f57e77d0fbe47ba0063fddd6b70f2c...

So I configured /etc/rancher/k3s/registries.yaml following the official doc by Rancher:

cat << EOF > /etc/rancher/k3s/registries.yaml
mirrors:
  "*":
    endpoint:
      - "https://harbor.virtalus.com"
configs:
  "https://harbor.virtalus.com":
    auth:
      username: admin
      password: Harbor12345  
    tls:
      cert_file: /root/harbor.virtalus.com.cert
      key_file: /root/harbor.virtalus.com.key
      ca_file: /root/ca.crt
      insecure_skip_verify: true
EOF

I have tried with and without the config section but it keeps telling me:

pulling from host harbor.virtalus.com failed with status code [manifests 1.8.6]: 401 Unauthorized

I have spent the last 4h on this. I have read some GitHub issue threads, the official doc and several troubleshooting guides, but I still don't know what I'm doing wrong.

Score:2

The configs entries contain the auth and tls sections, but it appears that the tls section is not taken into account due to a redundant, misplaced registry entry:

cat << EOF > /etc/rancher/k3s/registries.yaml
mirrors:
  "*":
    endpoint:
      - "https://harbor.virtalus.com"
configs:
  "https://harbor.virtalus.com":
    auth:
      username: admin
      password: Harbor12345

"https://harbor.virtalus.com":

    tls:
      cert_file: /root/harbor.virtalus.com.cert
      key_file: /root/harbor.virtalus.com.key
      ca_file: /root/ca.crt
      insecure_skip_verify: true
EOF

Feel free to remove it and let me know if that solves the issue.

Additionally, as a side note, you might want to use the --debug flag of docker to get more details about the encountered error.

k.Cyborg
Oops, that was a typo, let me edit the question. Thanks very much though.
Tewfik Ghariani
Sure thing. Pardon me, but was the issue solved after fixing the configuration or not?
k.Cyborg
I was pointing it to the wrong address.
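
The misplaced-entry problem from the answer can be caught mechanically before restarting k3s. The following is an added example, not code from the question, the answer, or the k3s project: a small Ruby linter (the name `lint_registries` and the sample document are constructed here) that flags top-level keys other than `mirrors` and `configs`, a `tls` block that sets `insecure_skip_verify: true`, and an `auth` block that still uses Harbor's default admin password.

```ruby
require "yaml"

KNOWN_TOP_LEVEL = %w[mirrors configs].freeze
# Default admin password shipped in Harbor's harbor.yml template.
HARBOR_DEFAULT_PASSWORD = "Harbor12345"

# Constructed sample: the answer's layout, with tls under a stray top-level key.
SAMPLE = <<~EOS
  mirrors:
    "*":
      endpoint:
        - "https://harbor.virtalus.com"
  configs:
    "https://harbor.virtalus.com":
      auth:
        username: admin
        password: Harbor12345
  "https://harbor.virtalus.com":
      tls:
        ca_file: /root/ca.crt
        insecure_skip_verify: true
EOS

# Returns an array of findings (strings) for a registries.yaml document.
def lint_registries(yaml_text)
  doc = YAML.safe_load(yaml_text)
  raise ArgumentError, "registries.yaml must be a mapping" unless doc.is_a?(Hash)
  findings = []

  # Keys beside mirrors/configs at the top level are misplaced entries.
  (doc.keys - KNOWN_TOP_LEVEL).each do |key|
    nested = doc[key].is_a?(Hash) ? doc[key].keys.join(", ") : "no settings"
    findings << "misplaced top-level entry #{key.inspect} (#{nested}) is outside configs"
  end

  (doc["configs"] || {}).each do |registry, cfg|
    tls = (cfg || {})["tls"] || {}
    auth = (cfg || {})["auth"] || {}
    if tls["insecure_skip_verify"] == true
      msg = "#{registry}: insecure_skip_verify disables server certificate verification"
      msg += ", so ca_file is not enforced" if tls["ca_file"]
      findings << msg
    end
    if auth["password"] == HARBOR_DEFAULT_PASSWORD
      findings << "#{registry}: auth uses Harbor's default admin password"
    end
  end
  findings
end

puts lint_registries(SAMPLE) if __FILE__ == $PROGRAM_NAME
```

Pass it the contents of /etc/rancher/k3s/registries.yaml instead of `SAMPLE` to check a real file; an empty array means none of the three conditions were found.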