[英]dockerhub registery: x509: certificate signed by unknown authority
I've spend hours looking to solve this issue, however I'm unable to find any topics related to this issue, since all I find is custom registeries. 我已经花费了数小时寻求解决此问题的方法,但是由于我发现的只是自定义注册表,因此找不到与该问题相关的任何主题。 When running any of the docker commands that connect to docker hub, either through https://registry-1.docker.io/v2/ or https://index.docker.io/v1 , all requests end up in "x509: certificate signed by unknown authority".
当运行通过https://registry-1.docker.io/v2/或https://index.docker.io/v1连接到docker hub的任何docker命令时,所有请求均以“ x509:由未知权限签署的证书”。 However using
curl
to run query the same endpoints seem to function just fine. 但是,使用
curl
运行查询可以使相同的端点正常运行。
I've reinstalled docker completely, purging all configuration files, however it does not seem to make a difference. 我已经完全重新安装了docker,清除了所有配置文件,但是似乎没有什么不同。
Anything I'm missing? 我有什么想念的吗?
docker info
: docker info
:
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 17.05.0-ce
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 9048e5e50717ea4497b757314bad98ea3763c145
runc version: 9c2d8d184e5da67c95d601382adf14862e4f2228
init version: 949e6fa
Security Options:
seccomp
Profile: default
Kernel Version: 4.9.35-1-lts
Operating System: Arch Linux
OSType: linux
Architecture: x86_64
CPUs: 8
Total Memory: 15.34GiB
ID: 5Q4D:TLJF:3I3U:O522:VQMK:24BU:H5ND:UPOU:MWYS:WGTB:XFXR:BQES
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Ena
Using docker
: 使用
docker
:
[user@hostname]$ docker search ubunut
Error response from daemon: Get https://index.docker.io/v1/search?q=ubunut&n=25: x509: certificate signed by unknown authority
Using curl
: 使用
curl
:
[user@hostname]$ curl -v https://index.docker.io/v1/search?q=ubunut&n=25
[1] 2152
[user@hostname]$ * Trying 34.200.194.233...
* TCP_NODELAY set
* Connected to index.docker.io (34.200.194.233) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: OU=GT98568428; OU=See www.rapidssl.com/resources/cps (c)15; OU=Domain Control Validated - RapidSSL(R); CN=*.docker.io
* start date: Mar 19 17:34:32 2015 GMT
* expire date: Apr 21 01:51:52 2018 GMT
* subjectAltName: host "index.docker.io" matched cert's "*.docker.io"
* issuer: C=US; O=GeoTrust Inc.; CN=RapidSSL SHA256 CA - G3
* SSL certificate verify ok.
> GET /v1/search?q=ubunut HTTP/1.1
> Host: index.docker.io
> User-Agent: curl/7.54.1
> Accept: */*
>
< HTTP/1.1 200 OK
< Server: nginx/1.6.2
< Date: Wed, 05 Jul 2017 12:10:22 GMT
< Content-Type: application/json
< Transfer-Encoding: chunked
< Vary: Cookie
< X-Frame-Options: SAMEORIGIN
< Strict-Transport-Security: max-age=31536000
<
{"num_pages": 1, "num_results": 21, "results": [{"is_automated": true, "name": "han4wluc/try-docker-ubunut-node", "is_trusted": true, ... *truncated*
I solved the problem as follows: 我解决了如下问题:
/etc/ssl/cert/ca-certificates.crt
. /etc/ssl/cert/ca-certificates.crt
文件。 sudo pacman -S ca-certificates-utils
. sudo pacman -S ca-certificates-utils
。 systemctl restart docker
command. systemctl restart docker
命令systemctl restart docker
。 I got this hint from this link: 我从此链接获得了以下提示:
https://unix.stackexchange.com/questions/339613/arch-linux-ca-certificates-crt-not-found/396169#396169 https://unix.stackexchange.com/questions/339613/arch-linux-ca-certificates-crt-not-found/396169#396169
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.