Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Allow user to add custom Certificate Authorities #48

Closed
bbodenmiller opened this issue Aug 20, 2016 · 18 comments
Closed

Allow user to add custom Certificate Authorities #48

bbodenmiller opened this issue Aug 20, 2016 · 18 comments

Comments

@bbodenmiller
Copy link

bbodenmiller commented Aug 20, 2016

Expected behavior

I should be able to use a registry signed by a custom Certificate Authority without having to register it as insecure.

Actual behavior

When attempting to use a registry signed by a custom Certificate Authority Docker for Windows returns a x509: certificate signed by unknown authority error. Only workaround is to register registry as insecure.

Related to #26, #36, #23, & docker/for-mac#343. Per @friism at #9 (comment) looks like something like this may already be on the roadmap.

@rn
Copy link
Contributor

rn commented Aug 23, 2016

@bbodenmiller Yes, this definitely is on the roadmap. Thanks for filing this issue here (and commenting on the issues you referenced).

@dgageot
Copy link
Member

dgageot commented Sep 9, 2016

@bbodenmiller for your information this will be included in next beta (Beta26)

@dgageot
Copy link
Member

dgageot commented Sep 14, 2016

@bbodenmiller Docker for Windows Beta26 was released yesterday. Could you give it a shot and see if it fixes your issue?

@bbodenmiller
Copy link
Author

Sure, will check. Do I upload the CA cert or do you pull them from the Windows cert store? The latter would be the better option.

@dgageot
Copy link
Member

dgageot commented Sep 14, 2016

@bbodenmiller We do pull them from the cert store :-)

@dgageot
Copy link
Member

dgageot commented Sep 16, 2016

Hi @bbodenmiller Did beta26 work for you?

@0x5487
Copy link

0x5487 commented Sep 17, 2016

Hi @dgageot,

I just tried both version of beta26 and stable-1.12.1, but I still got 509: certificate signed by unknown authority . I put my certificate under Trust Root Certification Authorities folder. Do you have any suggestions that I can try? Thank you

@bbodenmiller
Copy link
Author

1.12.1 worked for me. Perhaps some documentation is needed around where certs should be placed?

@0x5487
Copy link

0x5487 commented Sep 21, 2016

@bbodenmiller ,

Would you mind me asking where did you put your certs?

@dgageot
Copy link
Member

dgageot commented Sep 21, 2016

@bbodenmiller yes, of course! We will

@bbodenmiller
Copy link
Author

@jasonsoft looks like mine is in both Trusted Root Certification Authorities and Intermediate Certification Authorities.

@dgageot
Copy link
Member

dgageot commented Sep 28, 2016

@bbodenmiller @jasonsoft I hope it works well for you two. Can this is issue be closed?

@bbodenmiller
Copy link
Author

Sounds good to me. Should I open a new issue about how it should be documented?

@friism
Copy link

friism commented Sep 29, 2016

Perhaps some documentation is needed around where certs should be placed?

cc @londoncalling for docs

@dgageot
Copy link
Member

dgageot commented Sep 29, 2016

I'm going to close this issue and create an issue in our internal tracker to make sure this is documented

@dgageot dgageot closed this as completed Sep 29, 2016
@GarbageYard
Copy link

Hi. I am using docker-machine on Win 10 Enterprise. When i try to run docker login, i get error:

docker login docker.artifactory.abc.net -u tom -p tom_pwd
Error response from daemon: Get https://docker.artifactory.abc.net/v2/: x509: certificate signed by unknown authority

I added certificate to both Trusted Root Certification Authorities and Intermediate Certification Authorities . I've been trying to get this working for the last 2 days but to no avail. Any pointers?

@MYZ6
Copy link

MYZ6 commented Jun 8, 2018

After add the certificate, I have to restart my docker, then it worked. Spent a lot of time to figure out this way.

@amd5 amd5 mentioned this issue Dec 3, 2019
@docker-robott
Copy link
Collaborator

Closed issues are locked after 30 days of inactivity.
This helps our team focus on active issues.

If you have found a problem that seems similar to this, please open a new issue.

Send feedback to Docker Community Slack channels #docker-for-mac or #docker-for-windows.
/lifecycle locked

@docker docker locked and limited conversation to collaborators Jun 18, 2020
# for free to subscribe to this conversation on GitHub. Already have an account? #.
Projects
None yet
Development

No branches or pull requests

9 participants