Docker Community Forums

Share and learn in the Docker community.

Connecting Docker Client with Registry v2


#1

I have a Docker server with a registry: 2 container and auto-signed certificate to be used on the internal network, with a Jenkins container on the same server I can send the images with the address localhost:5000 and by Postman I query the Registry images, however , when I go on another server and try to connect Docker to the Registry the following error appears:

Error response from daemon: Get https://172.16.0.15:5000/v2/: x509: cannot validate certificate for 172.16.0.15 because it doesn’t contain any IP SANs

The command I use for login is:

docker login -u admin_test --password-stdin 172.16.0.15:5000 < /home/sistemas/pass-registry.txt

The two servers are CentOS 7, before generating the certificate I went into /etc/pki/tls/openssl.cnf and in [ v3_ca ] I added the parameter subjectAltName = IP: 172.16.0.15 because reading in some forums I understood that this is necessary to create the certificate!

To create the self signed certificate files I used the following command:

  openssl req -newkey rsa:4096 -sha256 -keyout certs/172.16.0.15.key -x509 -days 365 -out certs/172.16.0.15.crt

And I copied the file 172.16.0.15.crt to /etc/docker/certs.d/172.16.0.15:5000/ca.crt and restart Docker.

The Docker where the Registry is version 1.13 and the Docker client is 18.06.

The network firewall is all released, can it be the difference between Docker versions or some configuration that is missing from the client ?