Keep getting Could not read CA certificate when trying to start docker

Question

I am attempting to migrate from boot2docker to docker-machine.

I followed the directions here to install docker but I keep getting the following message:

Could not read CA certificate "/Users/<useraccountfolder>/.boot2docker/certs/boot2docker-vm/ca.pem": open /Users/<useraccountfolder>/.boot2docker/certs/boot2docker-vm/ca.pem: no such file or directory

when I run most any docker command.

Answer 1

I found my solution here

I needed to update my .bash_profile to look like:

export DOCKER_HOST=tcp://192.168.99.100:2376
export DOCKER_MACHINE_NAME=default
export DOCKER_TLS_VERIFY=1
export DOCKER_CERT_PATH=~/.docker/machine/machines/default

and then run the following to generate the missing ca.pem:

docker-machine regenerate-certs default

I posted this in case this could help anyone else. Thanks/props go to everyone in that thread on github which was found after an hour of pain.

Answer 2

Please follow this guide: Docker for Mac vs Docker Toolbox

Worked for me, you need to unset the variables instead of creating them for mac.

# grep for DOCKER ENV vars
env | grep DOCKER
unset <DOCKER_VARS>

Answer 3

Usually most people have install boot2docker and old version of virtualbox. As said in installation guide, before installing Docker for Mac, we have to uninstall boot2docker and reinstall virtualbox to high version. https://docs.docker.com/engine/installation/mac/#/docker-for-mac

Even though we have installed Docker for Mac, we still encountered error "Could not read CA certificate".

My solution is to remove the docker related environment variables (DOCKER*) from .bash_profile . It seems a long term solution.

1. vim ~/.bash_profile

2. Comment something like DOCKER_*

3. source ~/.bash_profile

4. relaunch the terminal, you should have no problem on running : docker info or docker ps

Hope it helps.

Answer 4

I encountered the same error due to the reason that I had setup the environment to a particular docker machine which I later deleted but my environment was still set to the deleted machine. So docker calls were being redirected the a non-existant machine causing the error.

I unset the environment variables and the issue was fixed:

eval $(docker-machine env -u)

To see which environment variable would be unset run:

docker-machine env -u

Answer 5

If the file is present in DOCKER_CERT_PATH env variable, the error could also be caused due to file permissions issue. Please check this use-case as well.

Answer 6

My solution in macOS to clean the reference to the missing certs, that were not in ~/.bash_profile or ~/.bashrc was:

unset ${!DOCKER*}

Source: https://forums.docker.com/t/initial-install-of-docker-for-mac-could-not-read-ca-certificate/9170/7

Answer 7

Docker from the launchpad on my Mac quit working as well as commands from terminal. I'm just going to say what I did to fix it for me regardless of whether it makes sense in case it helps someone else out.

• I ran unset ${!DOCKER*}

• I then ran:

   export DOCKER_HOST=tcp://192.168.99.100:2376 export DOCKER_MACHINE_NAME=default export DOCKER_TLS_VERIFY=1 export DOCKER_CERT_PATH=~/.docker/machine/certs/

• I then ran: docker (which only partially worked)

• then I ran: unset ${!DOCKER*} again
• Then I launched docker from the Launchpad, gave it a minute and now it's running again and everything is back to normal.

Answer 8

If it still doesn't work, run:

find . -name ca.pem

To find out where it is, and then modify DOCKER_CERT_PATH=<the path you find out> , and on a Mac, it must be .bash_profile . If you input this in yo .oh-my-zsh it won't work.