In localhost docker login is successful, but from another machine I get Error response from daemon: x509: certificate signed by unknown authority
Question
I am trying to deploy a docker registry in my server to manage our images. I have created it with TLS authentication.
When I run command docker login -u username [registry_domain]:[port] in localhost docker login is successful.
When I'm running the same command from another machine I get:
Error response from daemon: Get [registry_domain]:[port] x509: certificate signed by unknown authority
I have added the file /etc/docker/daemon.json with the next line, but it only solved the problem for localhost
{ "insecure-registries": ["registry:8443"] }
When checking the logs for the registry I can see the error:
http: TLS handshake error from [remoteComputerIp]: remote error: tls: bad certificate
Has anyone encountered this situation? Or maybe could point me to the right direction? Can't seem to find a solution for this
2 answers
solution1
1 ACCPTED 2018-11-06 07:24:03
Found the solution.
In order to get the remote machines to be able to login to my registry, I had to copy the client.crt I generated when creating the registry into the default machine I was connecting from. This is because I was signing the certificates myself.
You can ssh into it by using docker-machine ssh [name of the machine] (in my case name was "default")
You copy the certificate to /etc/docker/certs.d/<registry-domain>:<port>/ca.crt
No need to restart anything. Once its working you can easily test by using the command docker login -u username <registry-domain>:<port>
solution2
0 2018-11-05 16:21:35
Try regenerating certificates:
docker-machine regenerate-certs machine-name
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.