Log in

No account? Create an account

Previous Entry | Next Entry

I've been having this problem on Fedora 23 with docker 1.9.1 build ee06d03/1.9.1.  When I would use docker pull, it would give me a cert error:
 # docker pull some/image:tag
 Trying to pull repository docker.io/some/image ... failed
 Error while pulling image: Get https://index.docker.io/v1/repositories/some/image/images: x509: certificate signed by unknown authority
Not sure why docker can't just use the system cert bundle. Looking at the code: https://github.com/docker/docker/blob/1061c56a5fc126a76344ea9dca9aa5f5e75eb902/registry/registry.go#L102 docker looks for /etc/docker/certs.d/$hostname and looks for a CA cert bundle in that directory. So I just did this:
 # cd /etc/docker/certs.d
 mkdir docker.io
 cd docker.io
 ln -s /etc/pki/tls/certs/ca-bundle.crt
 ln -s /etc/pki/tls/certs/ca-bundle.trust.crt
 systemctl restart docker
Now docker pull works fine for the Dockerhub repo.