Hi,
My environment looks like this:
on Server A (athgflote02) I have behind nginx docker container (which terminates ssl) my private registry.
on Server B, I copied ca.crt to the " /etc/docker/certs.d/athgflote02.um.internal:10443/ca.crt". and restarted the docker deamon (now in debug mode)
Both servers have debian 8.5 OS, and “Docker version 1.11.2, build b9f10c9”
on server B ( actual it happens on every docker server)," docker search" works
e.g
docker search athgflote02.um.internal:10443/cse/3boxapi
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
cse/3boxapi 0
but if I try to pull/push the image, I get following error:
deamon debug output:
"DEBU[0057] Calling POST /v1.23/images/create?fromImage=athgflote02.um.internal%3A10443%2Fcse%2F3boxapi%3Alatest
DEBU[0057] hostDir: /etc/docker/certs.d/athgflote02.um.internal:10443
DEBU[0057] crt: /etc/docker/certs.d/athgflote02.um.internal:10443/ca.crt
DEBU[0057] hostDir: /etc/docker/certs.d/athgflote02.um.internal:10443
DEBU[0057] crt: /etc/docker/certs.d/athgflote02.um.internal:10443/ca.crt
DEBU[0057] Trying to pull athgflote02.um.internal:10443/cse/3boxapi from https://athgflote02.um.internal:10443 v2
ERRO[0057] Error trying v2 registry: error parsing HTTP 404 response body: invalid character '<' looking for beginning of value: "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 3.2 Final//EN\">\n<title>404 Not Found</title>\n<h1>Not Found</h1>\n<p>The requested URL was not found on the server. If you entered the URL manually please check your spelling and try again.</p>\n"
ERRO[0057] Attempting next endpoint for pull after error: error parsing HTTP 404 response body: invalid character '<' looking for beginning of va lue: "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 3.2 Final//EN\">\n<title>404 Not Found</title>\n<h1>Not Found</h1>\n<p>The requested URL was not f ound on the server. If you entered the URL manually please check your spelling and try again.</p>\n"
DEBU[0057] Trying to pull athgflote02.um.internal:10443/cse/3boxapi from https://athgflote02.um.internal:10443 v1
DEBU[0057] hostDir: /etc/docker/certs.d/athgflote02.um.internal:10443
DEBU[0057] crt: /etc/docker/certs.d/athgflote02.um.internal:10443/ca.crt
DEBU[0057] attempting v1 ping for registry endpoint https://athgflote02.um.internal:10443/v1/
DEBU[0057] PingResult.Version: ""
DEBU[0057] Registry standalone header: 'True'
DEBU[0057] PingResult.Standalone: true
DEBU[0057] Endpoint https://athgflote02.um.internal:10443/v1/ is eligible for private registry. Enabling decorator.
DEBU[0057] [registry] Calling GET https://athgflote02.um.internal:10443/v1/repositories/cse/3boxapi/images
DEBU[0057] Retrieving the tag list
ERRO[0057] unable to get remote tags: Get https://%5Cathgflote02.um.internal:10443/v1/repositories/cse/3boxapi/tags/latest: x509: certificate is valid for athgflote02.um.internal, not \athgflote02.um.internal
ERRO[0057] Not continuing with pull after error: Get https://%5Cathgflote02.um.internal:10443/v1/repositories/cse/3boxapi/tags/latest: x509: certificate is valid for athgflote02.um.internal, not \athgflote02.um.internal"
I have no idea why docker daemon puts the backslash “” (%5C) in front of the hostname in GET request.
Any help appreciated.