i’am using here docker on my KDE Neon (basend on Ubuntu 22.04 LTS) with pycharm. Docker is installed directly from the packagessource from docker. Here in the office we have SSL-Deepinspection for security. So docker can’t download things from the internet:
docker run hello-world
Unable to find image 'hello-world:latest' locally
docker: Error response from daemon: Head "https://registry-1.docker.io/v2/library/hello-world/manifests/latest": Get "https://auth.docker.io/token?scope=repository%3Alibrary%2Fhello-world%3Apull&service=registry.docker.io": EOF.
Form other applications the CA is automaticly used. But Docker does not seem to access the central certificate store.
For testing i have created this folder /etc/docker/certs.d
and put my CA there, but that also shows no change.
How can I pass docker my CA with so it can also load things from the internet?
You need to configure the Docker daemon to use your CA files. To do this, create or edit the Docker daemon configuration file, typically located at /etc/docker/daemon.json or /etc/systemd/system/docker.service.d/docker.conf on Linux. Add or modify the “tls” section to include the paths to your CA files:
It should look like this /etc/docker/certs.d/registry-1.docker.io/ca.crt.
Though, this only handles docker engine to registry communication. Every container that needs to make https calls to the internet needs to be modified as well.