2

As per my corporate policies, we are using Windows 7, with privileged access (a subset of admin rights) on the machine.

I have installed Docker Toolbox; however, when it's time to pull images from Docker Hub of the company's Artifactory, I was getting issues because of HTTPS and the proxy.

Mark Rotteveel
dagra

3 Answers

5

I finally figured out how to properly set up Docker Toolbox on Windows 7 behind a corporate proxy with HTTPS certs.

The steps are as follows:

  1. Install Docker Toolbox
  2. After installation, go to C:/Users/<user>/.docker/machine/machines/default and open config.json. If you do not have that folder, then please open "Docker Quickstart Terminal" from your desktop to create a virtual box docker-machine for yourself.
  3. Add the following lines under
```json
{
    "HostOptions": {
        ...
        "EngineOptions": {
            ...
            "Env": [
                "HTTP_PROXY=http://<username>:<pwd>@<host>:<port>",
                "HTTPS_PROXY=http://<username>:<pwd>@<host>:<port>",
                "NO_PROXY=<docker-machine ip>"
            ]
        }
    }
}
```

Please note the http in HTTPS_PROXY.

  1. After the above step, you need to install the company certs

  2. Get the set of corporate root certificates, which should be installed in your corporate-configured browser. In Chrome, you can go to Settings, click Show advanced settings, and scroll down to HTTPS/SSL, where you can choose Manage Certificates. My organization has put them in Trusted Root Certification Authorities and named them after the organization. Export each (I have two), one at a time, making sure to choose DER format.

  3. Once you have them saved to a known location, you will want to convert them to PEM format. The easiest way I found to do this was to run the openssl.exe[1] command from within the Docker Quickstart Terminal.

```sh
openssl x509 -inform der -in certificate.cer -out certificate.pem
```

  1. Once you have the .pem files, you will want to copy them to a location to which your Docker machine has access. I made a directory in c:\Users\my.username\certs and copied them there.

  2. This step may not be strictly necessary, but it's what I did, and it works. You will want to copy those certificates into your boot2docker partition, which is persistent. I am connecting to my default machine, which IS something you will need to do for Step 5.

```
MINGW64:$ docker-machine ssh default
docker@default:~$ sudo -s
root@default:/home/docker# mkdir /var/lib/boot2docker/certs
root@default:/home/docker# cp /c/Users/my.username/certs/*.pem /var/lib/boot2docker/certs/
```

Now it's time to write a bootlocal.sh script, which will copy the certificates to the proper location each time the system starts.[2] If you haven't already, open an SSH connection to the machine, per Step 4.

```sh
touch /var/lib/boot2docker/bootlocal.sh && chmod +x /var/lib/boot2docker/bootlocal.sh
vi /var/lib/boot2docker/bootlocal.sh
```

Insert the following and save the file:

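```sh
#!/bin/sh
# Use absolute paths: the script runs at boot, so the working directory is not guaranteed.
mkdir -p /etc/docker/certs.d && cp /var/lib/boot2docker/certs/*.pem /etc/docker/certs.d
```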

Restart the machine, either by using the reboot command from within the machine, or by using the docker-machine command from the Docker terminal:

```sh
docker-machine restart default
```

Now you should be able to run 'hello-world' and others. I hope this helps.

Ref: Docker on Windows (Boot2Docker) - certificate signed by unknown authority error

DependencyHell
dagra
  • I think I have the same issue. I'm stuck at step 2. What is Docker Quickstart Terminal and how do I launch it? – Bobby Jul 14 '20 at 14:20
  • @Bobby that is the CMD shell that comes with Docker on Windows when you install Docker for Windows. – dagra Jul 24 '20 at 01:02
  • I have Docker Desktop, but I don't see a separate terminal application. I assume you're referring to something like Anaconda Prompt that is a terminal that comes with Anaconda? – Bobby Jul 27 '20 at 19:39
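
The config.json edit from the answer above, as an added Python example that is not the answerer's or Docker's code: it percent-encodes the proxy credentials, merges the three entries into `HostOptions.EngineOptions.Env` without duplicating them, and masks the password before the entries are printed. The user name, password, proxy host and machine IP are constructed sample values.

```python
import json
from urllib.parse import quote, urlsplit

# Constructed stand-in for the part of config.json that the answer edits.
SAMPLE_CONFIG = json.loads("""
{"HostOptions": {"EngineOptions": {"Env": ["HTTP_PROXY=http://old.proxy.example:3128"]}}}
""")

def proxy_url(user, password, host, port):
    """Return http://user:pwd@host:port with the credentials percent-encoded,
    so characters such as '@' or ':' in a password cannot split the URL."""
    return f"http://{quote(user, safe='')}:{quote(password, safe='')}@{host}:{port}"

def set_engine_env(config, updates):
    """Merge NAME=value pairs into HostOptions.EngineOptions.Env in place,
    replacing entries with the same NAME so repeated runs add no duplicates."""
    engine = config.setdefault("HostOptions", {}).setdefault("EngineOptions", {})
    kept = [e for e in (engine.get("Env") or []) if e.split("=", 1)[0] not in updates]
    engine["Env"] = kept + [f"{name}={value}" for name, value in updates.items()]
    return config

def redact(entry):
    """Mask the password in a NAME=url entry before the file is logged or shared."""
    name, _, value = entry.partition("=")
    parts = urlsplit(value)
    if parts.password is None:
        return entry
    host_port = parts.netloc.rpartition("@")[2]
    return f"{name}={parts.scheme}://{parts.username}:***@{host_port}"

def demo():
    # Constructed credentials, proxy host and docker-machine IP.
    url = proxy_url("jdoe", "p@ss:w0rd", "proxy.corp.example", 8080)
    set_engine_env(SAMPLE_CONFIG, {"HTTP_PROXY": url, "HTTPS_PROXY": url,
                                   "NO_PROXY": "192.168.99.100"})
    return SAMPLE_CONFIG["HostOptions"]["EngineOptions"]["Env"]

if __name__ == "__main__":
    for entry in demo():
        print(redact(entry))
```

Because config.json stores the proxy password in clear text, run entries through `redact` before pasting the file into a ticket or forum post.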
4

I recently faced the same problem and was able to fix it with the steps below, as suggested in the official Docker documentation.

  1. First, stop and delete the default docker-machine if it is already created:

        docker-machine stop default
        docker-machine rm default

     where 'default' is the default name of docker-machine.

  2. After deletion, create docker-machine with the proxy setting:

        docker-machine create -d virtualbox --engine-env HTTP_PROXY=http://example.com:8080 --engine-env HTTPS_PROXY=https://example.com:8080 --engine-env NO_PROXY=example2.com default

Reference: https://docs.docker.com/v17.12/machine/reference/create/#specifying-docker-swarm-options-for-the-created-machine

This solution absolutely works fine for me.

chanderdevx
  • There is actually no need to edit start.sh. Just define HTTP_PROXY, HTTPS_PROXY and NO_PROXY as environment variables before running the Docker for the first time and start.sh will use them in the _docker-machine create_ command. – Marc Tarin Jan 25 '19 at 15:22
-1

I solved this problem by adding a trailing backslash ("/") to the end of the proxy URL in the proxy settings in the config.json file.

Cody Gray - on strike
Nei