Docker Community Forums

Share and learn in the Docker community.

Got problem when deploy an application onto UCP

docker

(Bill Wang) #1

Following below url to set application in UCP
https://docs.docker.com/ucp/deploy-application/

At step 2 - 12, I got below error:

root@ip-172-31-4-2:~/deploy-app/bundle# docker info
An error occurred trying to connect: Get https://52.62.240.32:8443/v1.22/info: x509: certificate is valid for 127.0.0.1, 172.17.0.1, 172.31.4.2, not 52.62.240.32
root@ip-172-31-4-2:~/deploy-app/bundle#

52.62.240.32 is public IP, 173.31.4.2 is private IP. How to fix this?


(Alm. Brand Docker admins) #2

You should add the public IP to the SAN list when you install the UCP controller (see https://docs.docker.com/ucp/plan-production-install/#subject-alternative-names-sans)


(Bill Wang) #4

still work on this issue, seems missing some steps when install ucp (but not in documents)

None of the hostnames we'll be using in the UCP certificates [ip-172-31-4-2 127.0.0.1 172.17.0.1 172.31.4.2 52.62.240.32] contain a domain component.  Your generated certs may fail TLS validation unless you only use one of these shortnames or IPs to connect.  You can use the --san flag to add more aliases

(Bill Wang) #5

Thanks a lot @almdocker

The problem has been fixed after uninstall ucp and reinstall ucp with additional option I added:

--san 52.62.240.32

But not sure, how to add more list.

--san 52.62.240.32 --san example.com

or

--san "52.62.240.32,example.com"

(Vivek Saraswat) #6

Hi Bill,

It is the second. so:
--san foo --san bar --san etc

You can find examples if you add --help after --san.