0

I am running Docker inside a VM (which runs Fedora Server 35) with access to the Internet since I am able to pull public images. I need to pull also some private images but I am running into the following issue:

docker login myprivateserver:5000
Username: <myusername>
Password: ********
Error response from daemon: Get "https://myprivateserver:5000//v2/": x509: certificate signed by unknown authority

I have followed the docs but it does not seem to be working. Here is what I have done so far:

  • create the directory /etc/docker/certs.d/myprivateserver:5000
  • copied the cert file to the above route and renamed it as ca.crt

I have read a lot of posts here in SO and all of them say that's the way to go but it just doesn't work for me and I don't get why.

Can I get some help? What am I missing here?

Note: I have obtained the ca.cert file by accessing the URL https://myprivateserver:5000 from the browser and then downloading the file from there.

Note 2: myprivateserver is a placeholder I use in order to no discard the current URL (security reasons)

ReynierPM
  • 17,594
  • 53
  • 193
  • 363
  • Have you checked the content of your certificate ? (`openssl x509 -text -noout -in /etc/docker/certs.d/myprivateserver:5000/ca.crt`) – Zeitounator Apr 13 '22 at 16:58
  • running that command shows `unable to load certificate` – ReynierPM Apr 13 '22 at 17:07
  • so since I got the cert from the browser it downloaded as `.cer` I renamed that into `.crt` but that is wrong. The correct way to convert `CER` into `CRT` is: `openssl x509 -inform DER -in .cer -out .crt`. Doing so I was able to properly login into the private repository and pull the needed images. – ReynierPM Apr 13 '22 at 17:39
  • credits goes to: @Zeitounator for put me in the right path and this SO answer: https://stackoverflow.com/a/51290883/719427 – ReynierPM Apr 13 '22 at 17:40

0 Answers0