Docker Community Forums

Share and learn in the Docker community.

Dockerfile and ADD from an URL with self-signed ceritificate


(Vrenjith) #1

I am attempting do this in the Dockerfile
ADD https://somedomain/somefile /usr/local/bin/somefile

And I get the error “x509: certificate signed by unknown authority” as the URL uses a self signed certificate.

Any hints of how to make Docker accept this? (I already have added the certs under /etc/docker/certs.d/somedomain and reloaded/restarted docker daemon)


(Richard Ney) #2

I’d like to add that I’m also very interested in finding out if there’s an equivalent to /etc/docker/certs.d for self-signed certificates.


(Nathan Le Claire) #3

@vrenjith I’m not sure it’s supported at all. I’d just do a curl or wget using the corresponding cert flags with the RUN instruction.

@richardney What do you mean?


(Richard Ney) #4

We have an internal docker registry that uses a self-signed certificate. When I attempt to run docker pull I get the x509 error.

Administrators-MacBook-Pro:quickstart rney$ docker pull bosdocker-reg.wwproducts.aspect.com:5000/message-distributor:mmd-dev
Error response from daemon: Get https://bosdocker-reg.wwproducts.aspect.com:5000/v1/_ping: x509: certificate signed by unknown authority

Our normal workaround on linux is to put a copy of the certificate in /etc/docker/certs.d


(Nathan Le Claire) #5

@richardney Are you on boot2docker? Did you try https://github.com/boot2docker/boot2docker#installing-secure-registry-certificates ?


(Richard Ney) #6

I’m actually using the Docker for Mac beta. The forums brought this topic up when I was posting my question. Just noticed this topic is in a different forum.