Docker Community Forums


Docker swarm mode API authentication


(Stobor) #1

Prior to trying out the Docker swarm mode API, I set up the Docker remote API with TLS authentication with the help of https://docs.docker.com/engine/security/https/. Now I have my /usr/lib/systemd/system/docker.service configured with:

ExecStart=/usr/bin/dockerd -H unix://var/run/docker.sock --tlsverify --tlscacert=/root/.docker/ca.pem --tlscert=/root/.docker/new-certs/server-cert.pem --tlskey=/root/.docker/new-certs/server-key.pem -H=0.0.0.0:2376

It works perfectly; I am able to run the command below and get results:

curl https://$HOSTNAME:2376/tasks --cert ~/.docker/new-certs/cert.pem --key ~/.docker/new-certs/key.pem --cacert ~/.docker/new-certs/ca.pem

Now I create a swarm:

docker swarm init

*:2377 is now being listened on.

But for some reason the command below returns “curl: (60) Peer’s certificate issuer has been marked as not trusted by the user”

curl https://$HOSTNAME:2377/tasks --cert ~/.docker/new-certs/cert.pem --key ~/.docker/new-certs/key.pem --cacert ~/.docker/new-certs/ca.pem

I am unable to find any proper examples of such a scenario; all of them are about legacy swarm, for example https://docs.docker.com/swarm/configure-tls
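
Added example, not part of the original post: curl error 60 means the certificate served on the port does not chain to the CA passed with `--cacert`, which is what happens when a port presents a certificate from a different issuer (swarm mode generates its own root CA at `docker swarm init`). The script reproduces that offline with constructed throwaway CAs; the names `operator` and `other` and all helper functions are assumptions for illustration, and `served_cert_info` shows how to inspect what a live port such as 2376 or 2377 presents.

```bash
#!/usr/bin/env bash
# Added example, not from the post. CA names and helpers are constructed.

# Exit 0 if certificate file $2 chains to CA file $1 (the --cacert check).
chains_to_ca() {
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# Print issuer and subject of the certificate served on host $1, port $2.
# Needs network access to the daemon, so the offline demo does not call it.
served_cert_info() {
    openssl s_client -connect "$1:$2" </dev/null 2>/dev/null |
        openssl x509 -noout -issuer -subject
}

# In directory $1, create a throwaway CA named $2 ($2-ca.pem) and a server
# certificate issued by that CA ($2-cert.pem).
make_ca_and_cert() {
    local d="$1" n="$2"
    printf '%s\n' '[req]' 'distinguished_name=req' 'x509_extensions=ca' \
        '[ca]' 'basicConstraints=critical,CA:TRUE' >"$d/openssl.cnf"
    openssl req -x509 -config "$d/openssl.cnf" -newkey rsa:2048 -nodes \
        -days 1 -subj "/CN=$n-ca" -keyout "$d/$n-ca-key.pem" \
        -out "$d/$n-ca.pem" 2>/dev/null || return 1
    openssl req -config "$d/openssl.cnf" -newkey rsa:2048 -nodes \
        -subj "/CN=$n-server" -keyout "$d/$n-key.pem" \
        -out "$d/$n.csr" 2>/dev/null || return 1
    openssl x509 -req -in "$d/$n.csr" -days 1 -CA "$d/$n-ca.pem" \
        -CAkey "$d/$n-ca-key.pem" -CAcreateserial \
        -out "$d/$n-cert.pem" 2>/dev/null
}

# Offline demo: "operator" stands for the CA given to --cacert, "other" for
# an unrelated CA whose certificate a different port might present.
demo() {
    local d
    d=$(mktemp -d) || return 1
    make_ca_and_cert "$d" operator || return 1
    make_ca_and_cert "$d" other || return 1
    chains_to_ca "$d/operator-ca.pem" "$d/operator-cert.pem" &&
        echo "operator-issued cert: trusted"
    chains_to_ca "$d/operator-ca.pem" "$d/other-cert.pem" ||
        echo "other-issued cert: issuer not trusted (curl error 60)"
    rm -rf "$d"
}
demo
```

Running `served_cert_info "$HOSTNAME" 2376` and `served_cert_info "$HOSTNAME" 2377` on the host and comparing the two issuer lines shows whether both ports present certificates from the CA in `ca.pem`.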