[英]How to ignore certificate errors in Boot2Docker on windows
I have boot2docker 1.4.1 running on windows via virtualbox. 我通过virtualbox在windows上运行boot2docker 1.4.1。 I am behind a proxy that MITMs https certificates. 我支持MITM https证书的代理。 I configured proxy by adding the following lines in /var/lib/boot2docker/profile
: 我通过在/var/lib/boot2docker/profile
添加以下行来配置代理:
export HTTP_PROXY=<proxyhost>:80
export HTTPS_PROXY=<proxyhost>:80
DOCKER_TLS=no
EXTRA_ARGS="--insecure-registry index.docker.io"
however when I run docker@boot2docker:~$ docker run hello-world
I get 但是当我运行docker@boot2docker:~$ docker run hello-world
我得到了
Unable to find image 'hello-world:latest' locally
Pulling repository hello-world
FATA[0006] Get https://index.docker.io/v1/repositories/library/hello-world/images
: x509: certificate signed by unknown authority
Please help me figure out the correct way to ignore certificate errors. 请帮我弄清楚忽略证书错误的正确方法。 Thanks! 谢谢!
Edit Looks like the new docker only works on certain flavors of Windows 10 . 编辑看起来新的docker仅适用于某些版本的Windows 10 。 If you are still stuck on Windows 7, I have updated the below to reflect the steps I had to go through to correct the 'self signed certificate in certificate chain' error when I installed the latest version of docker-toolbox ( Docker 1.11.2 ). 如果您仍然停留在Windows 7上,我已经更新了以下内容,以反映我在安装最新版本的docker-toolbox( Docker 1.11.2)时纠正“证书链中的自签名证书”错误所需的步骤)。
Finally got this working on Windows 7 following the answers here: https://github.com/boot2docker/boot2docker/issues/347 最后,在Windows 7上按照以下答案进行操作: https : //github.com/boot2docker/boot2docker/issues/347
Check that this is your issue by running openssl s_client -showcerts : 通过运行openssl s_client -showcerts来检查这是您的问题:
docker@boot2docker:~$ openssl s_client -showcerts -CApath . -connect index.docker.io:443
(Edit: removed 32 from -showcerts and corrected host name) (编辑:从-showcerts删除了32并更正了主机名)
In the certificate chain, you'll see the proxy has inserted itself and the verify returns an error something like this 在证书链中,您将看到代理已插入自身,并且验证返回类似这样的错误
Verify return code: 19 (self signed certificate in certificate chain)
If you have the same problem then give the steps below a try : 如果您遇到同样的问题,请尝试以下步骤:
docker@boot2docker:~$ sudo mkdir /var/lib/boot2docker/certs/
创建一个文件夹来保存证书: docker@boot2docker:~$ sudo mkdir /var/lib/boot2docker/certs/
docker@boot2docker:~$ sudo cp /c/Users/<username>/<folder>/<proxy-cert>.pem /var/lib/boot2docker/certs/
将证书文件复制到该位置: docker@boot2docker:~$ sudo cp /c/Users/<username>/<folder>/<proxy-cert>.pem /var/lib/boot2docker/certs/
/var/lib/boot2docker/bootlocal.sh
and include the source from https://gist.github.com/irgeek/afb2e05775fff532f960 (I just created the file in Windows using Notepad++ and copied it to the correct location similar to the above step) 创建文件/var/lib/boot2docker/bootlocal.sh
并包含来自https://gist.github.com/irgeek/afb2e05775fff532f960的源代码(我刚刚使用Notepad ++在Windows中创建了该文件并将其复制到类似于上一步) C:\\>docker-machine restart
退出ssh并重新启动: C:\\>docker-machine restart
docker-machine ssh
and verify the changes worked: docker run hello-world
打开shell docker-machine ssh
并验证更改是否有效: docker run hello-world
You should see output which contains something like: 您应该看到包含以下内容的输出:
Hello from Docker.
This message shows that your installation appears to be working correctly.
If you have Docker for Windows on Windows 10 , and you're getting the "x509: certificate signed by unknown authority" error, you can try this: 如果你在Windows 10上安装了 Docker for Windows ,并且你得到了“x509:由未知权限签名的证书”错误,你可以试试这个:
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.