![](/img/trans.png)
[英]Docker for windows 7- Get https://registry-1.docker.io/v1/repositories/library/hello-world/tags/latest: x509: certificate signed by unknown authority
[英]docker toolbox on windows then docker run hello-world gets x509: certificate signed by unknown authority
尝试了许多示例,但没有一个对我有用。
我的Docker版本:
C:\>docker version
Client:
Version: 1.12.2
API version: 1.24
Go version: go1.6.3
Git commit: bb80604
Built: Tue Oct 11 17:00:50 2016
OS/Arch: windows/amd64
Server:
Version: 1.12.3
API version: 1.24
Go version: go1.6.3
Git commit: 6b644ec
Built: Wed Oct 26 23:26:11 2016
OS/Arch: linux/amd64
我确实将证书(* .pem)复制到了/etc/docker/certs.d位置,但是没有任何效果。
docker@default:~$ l /etc/docker/certs.d/
total 24
drwxr-xr-x 2 root root 4096 Nov 30 17:59 ./
drwxr-xr-x 3 root root 4096 Nov 30 17:16 ../
-rwxr-xr-x 1 root root 1679 Nov 30 17:59 ca-key.pem
-rwxr-xr-x 1 root root 1038 Nov 30 17:59 ca.pem
-rwxr-xr-x 1 root root 1078 Nov 30 17:59 cert.pem
-rwxr-xr-x 1 root root 1675 Nov 30 17:59 key.pem
证书是创建虚拟机时生成的证书。
感谢您的帮助。 花了一天时间尝试解决此问题。
运行docker run hello-world日志时生成消息,日志来自/ var / lib / boot2docker /中的docker.log
time="2016-11-30T18:25:14.233037149Z" level=debug msg="Client and server don't have the same version (client: 1.12.2, server: 1.12.3 )"
time="2016-11-30T18:25:14.233712555Z" level=error msg="Handler for POST /v1.24/containers/create returned error: No such image: hello-world:latest"
time="2016-11-30T18:25:14.244589790Z" level=debug msg="Calling GET /v1.24/info"
time="2016-11-30T18:25:14.244626594Z" level=debug msg="Client and server don't have the same version (client: 1.12.2, server: 1.12.3)"
time="2016-11-30T18:25:14.249913910Z" level=debug msg="Calling POST /v1.24/images/create?fromImage=hello-world&tag=latest"
time="2016-11-30T18:25:14.249943955Z" level=debug msg="Client and server don't have the same version (client: 1.12.2, server: 1.12.3)"
time="2016-11-30T18:25:14.250041478Z" level=debug msg="Trying to pull hello-world from https://registry-1.docker.io v2"
time="2016-11-30T18:25:14.327535482Z" level=warning msg="Error getting v2 registry: Get https://registry-1.docker.io/v2/: x509: certificate signed by unknown authority"
time="2016-11-30T18:25:14.327561850Z" level=error msg="Attempting next endpoint for pull after error: Get https://registry-1.docker.io/v2/: x509: certificate signed by unknown authority"
time="2016-11-30T18:25:14.327574917Z" level=debug msg="Trying to pull hello-world from https://index.docker.io v1"
time="2016-11-30T18:25:14.327587833Z" level=debug msg="hostDir: /etc/docker/certs.d/docker.io"
time="2016-11-30T18:25:14.327858818Z" level=debug msg="[registry] Calling GET https://index.docker.io/v1/repositories/library/hello-world/images"
time="2016-11-30T18:25:14.501831878Z" level=error msg="Not continuing with pull after error: Error while pulling image: Get https://index.docker.io/v1/repositories/library/hello-world/images: x509: certificate signed by unknown authority"
您可能是代理人。 试试这个sudo vi / var / lib / boot2docker / profile
在配置文件的末尾添加以下内容
# replace with your office's proxy environment
export "HTTP_PROXY=http://PROXY:PORT"
export "HTTPS_PROXY=http://PROXY:PORT"
# you can add more no_proxy with your environment.
export "NO_PROXY=192.168.99.*,*.local,169.254/16,*.example.com,192.168.59.*"
然后重新启动boot2docker
以上步骤对我有用。 我在窗户上。
事实证明,我们在代理后面,但是这些设置不适用于我们的Zscalar代理系统。 Zscalar插入了自己的证书,并且将这些证书添加到Docker的设置中的事件将不起作用。 Zscalar确实具有SSL绕过设置,该设置可免除给定URL的SSL处理。
对于Docker,您必须使用.docker.io和.cloudfront.net的URL
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.