Docker Community Forums

Share and learn in the Docker community.

Push to a private registry not receiving / Certificat not accepted


(Hawkeye78) #1

Hello,

we start yesterday with docker in our company and create a new Image on base of a Image from docker hub.
This Image we would like to push to our Nexus 3 Artifact Repository-Server. We use before the Nexus-Server a apache-http-proxy for the SSL-Capability and of course create a docker Repository in nexus.

We put the server and the ca Certificate in the directory /etc/docker/certs.d/nexus.ourcompany.com but if we try to login to the Repository we get the following result:

docker login https://nexus.ourcompany.com Username: jdoe Password: Email: john.doe@ourcompany.com Error response from daemon: invalid registry endpoint https://nexus.ourcompany.com/v0/: unable to ping registry endpoint https://nexus.ourcompany.com/v0/ v2 ping attempt failed with error: Get https://nexus.ourcompany.com/v2/: Forbidden v1 ping attempt failed with error: Get https://nexus.ourcompany.com/v1/_ping: Forbidden. If this private registry supports only HTTP or HTTPS with an unknown CA certificate, please add–insecure-registry nexus.ourcompanyto the daemon's arguments. In the case of HTTPS, if you have access to the registry's CA certificate, no need for the flag; simply place the CA certificate at /etc/docker/certs.d/nexus.ourcompany.com/ca.crt

and if we try to push the image we get the error
The push refers to a repository [nexus.ourcompany.com/repository/alm] unable to ping registry endpoint https://nexus.ourcompany.com/v0/ v2 ping attempt failed with error: Get https://nexus.ourcompany.com/v2/: Forbidden v1 ping attempt failed with error: Get https://nexus.ourcompany.com/v1/_ping: Forbidden

and for the second case a colluege trace the traffic of the receiving server with tcpdump and the server don’t get any data from the docker-host-server

Becaucse we just start with docker we have no idea what is our mistake in the configuration and we would very thanksful for every hint.
best regards
Dan


(Nathan Le Claire) #2

This smells like firewall / network issues to me. Can you verify that the registry endpoint reachable from the same place the Docker process is running (including inside a VM if it is in there)? Is it an internal DNS that you haven’t configured nameservers for in the Docker daemon? And does it have firewall opened for the proper protocols? (I’m assuming TCP/HTTP in spite of the misleading “ping” line)


(Hawkeye78) #3

Hello Nathan,

thanks for your help and your advice it was actual a network problem i didn’t know i need to set the dns-server ip in the DOCKER_ARGS-argument. Now I can login but I get the error that the PUT Method is not allowed but this looks more than a problem with docker and less with docker.