Docker push fails with TLS certificate validation error with insecure registries set

Issue Type -
Docker engine not recognizing insecure registries setting

OS -
MacOS; Apple M1 chip; Sonoma 14.2.1 OS; MacBook Pro

App version -
Docker Client: 27.5.1
Docker Server: 27.5.1

Steps to reproduce -

  1. Install latest Docker Desktop on Mac
  2. Create ~/.docker/config.json with content –

    {
        "auths": {
            "https://index.docker.io/v1/": {},
            "<remote artifactory repo>": {},
            "public.ecr.aws": {}
        },
        "credsStore": "desktop",
        "credHelpers": {
            "xxxxxxxxx.dkr.ecrxxxxxxx": "ecr-login"
        },
        "currentContext": "desktop-linux",
        "plugins": {
            "-x-cli-hints": {
                "enabled": "true"
            },
            "debug": {
                "hooks": "exec"
            },
            "features": {
                "hooks": "true"
            },
            "scout": {
                "hooks": "pull,buildx build"
            }
        },
        "features": {
            "hooks": "true"
        }
    }

  3. Create ~/.docker/daemon.json with content –

    {
      "builder": {
        "gc": {
          "defaultKeepStorage": "20GB",
          "enabled": true
        }
      },
      "debug": true,
      "experimental": false,
      "insecure-registries": [
        "<remote artifactory repo>"
      ]
    }

  4. Build docker image locally
  5. Tag docker image with remote artifactory
  6. Login to remote artifactory with ‘docker login …’
  7. Attempt to ‘docker push …’ to remote artifactory

Here is information from ‘docker info’ –

    Experimental: false
     Insecure Registries:
      <remote artifactory repo>
      hubproxy.docker.internal:5555
      127.0.0.0/8
     Live Restore Enabled: false

It appears as if Docker should be ignoring the TLS server certificate check; however, when I execute the command “docker push <remote artifactory repo tag><image:version>”, I get the following error –
"tls: failed to verify certificate: x509: certificate signed by unknown authority"

I have to create a proxy to connect to the remote artifactory repo - the Docker proxy is simply localhost:8080, then I use a script to set up a listener on my Mac –

    addr=katanaproxy.stg-id-proxy.rmb-lab.jp:8080
    port=8080
    pomerium-cli tcp ${addr} --listen localhost:${port}

I have checked everything I can think of to resolve this. The remote artifactory does not require TLS…and this was working prior to restoring my Mac to factory settings.

Any help would be much appreciated!!

Karl

I edited your post. You can click on the pencil icon above your post to see what I changed. You should really check your messages after sending them if you want people to be able to read your description.

You can also find our formatting guide here: How to format your forum posts