Rich Megginson (richmegginson) wrote,
Rich Megginson

How to fix docker when it cannot pull due to "x509: certificate signed by unknown authority"

I've been having this problem on Fedora 23 with docker 1.9.1 build ee06d03/1.9.1.  When I would use docker pull, it would give me a cert error:
 # docker pull some/image:tag
 Trying to pull repository ... failed
 Error while pulling image: Get x509: certificate signed by unknown authority
Not sure why docker can't just use the system cert bundle. Looking at the code: docker looks for /etc/docker/certs.d/$hostname and looks for a CA cert bundle in that directory. So I just did this:
 # cd /etc/docker/certs.d
 ln -s /etc/pki/tls/certs/ca-bundle.crt
 ln -s /etc/pki/tls/certs/
 systemctl restart docker
Now docker pull works fine for the Dockerhub repo.
Tags: certificates, docker, x509

  • Post a new comment


    default userpic

    Your reply will be screened

    When you submit the form an invisible reCAPTCHA check will be performed.
    You must follow the Privacy Policy and Google Terms of use.