Docker Community Forums

Share and learn in the Docker community.

Docker push to a private registry - net/http: TLS handshake timeout

I’ve deployed a private docker image registry on an AWS EC2 Ubuntu 14.04 instance. The registry is secured using Lets Encrypt certificate.

Unfortunately, I’m getting net/http: TLS handshake timeout for docker push operations that take longer than 300s:

This is the output of thetime'd command:

[luqo33@home-pc containers]$ time docker push my-registry-domain:5000/nginx
The push refers to a repository [my-registry-domain:5000/nginx]
dda5a806f0b0: Layer already exists
ec35cfccb7f7: Layer already exists
94c1a232bb3f: Layer already exists
6d6b9812c8ae: Layer already exists
695da0025de6: Retrying in 1 second
fe4c16cbf7a4: Pushing [================================================> ] 119 MB/123 MB
net/http: TLS handshake timeout

real 5m0.847s
user 0m0.097s
sys 0m0.017s

Logs of the regsitry:2 container do not show any errors. I can also push images that take less than 5min to push.

I’m suspecting that it’s a system setting at blame as the timeout happens always once the operations goes beyond 300 seconds. There isn’t any load balancer or other proxy. my-registry-domain:5000 points directly at the server IP.

How can I further investigate and possible remedy this situation?


The same happens when I push images to other server providers (DigitalOcean), AWS ECS registry or even Docker Hub!

Anybody has a clue what is happening here?