"docker pull" certificate signed by unknown authority

docker ssl curl

Solution 1:

You may need to restart the docker service to get it to detect the change in OS certificates.

Docker does have an additional location you can use to trust individual registry server CA. You can place the CA cert inside /etc/docker/certs.d/<docker registry>/ca.crt. Include the port number if you specify that in the image tag, e.g in Linux.

/etc/docker/certs.d/my-registry.example.com:5000/ca.crt

or in Windows 10:

C:\ProgramData\docker\certs.d\ca.crt

Solution 2:

  • first create a file - /etc/docker/daemon.json

  • than run the following to add certs

      openssl s_client -showcerts -connect [registry_address]:[registry_port] < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /etc/docker/certs.d/[registry_address]/ca.crt

works without restart

OR

import the cert to system like

  • save the cert to the file , like the command above (the port is crucial, no need for the protocol)

     openssl s_client -showcerts -connect [registry_address]:[registry_port] < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > ca.crt

  • copy it to /usr/local/share/ca-certificates/

     sudo cp ca.crt /usr/local/share/ca-certificates/

  • run update-ca-certificates

     sudo update-ca-certificates

  • restart docker !

Related

Set timeout for HTTPClient get() request
Is it possible to disable jsessionid in tomcat servlet?
Multi-line comments in Xcode
ASP.NET MVC Pass object from Custom Action Filter to Action
How do you clear the validation errors in Eclipse?
Parse CSV file with header fields as attributes for each row
How to copy and edit files in Android shell?
How to set a cron job to run at a exact time?
How to change hash keys from `Symbol`s to `String`s?
How to use border with Bootstrap
Command to move line up or down in Atom Editor
Higher validation accuracy, than training accurracy using Tensorflow and Keras