Docker Community Forums

Share and learn in the Docker community.

Securing a Private Repository

I followed the instructions on


to setup a Docker Registry on a Mac (10.12.6 running docker 18.09).
I’m using a GlobalSign certificate which also has an intermediate certificate.

I was able to get the registry running and then connect via cURL and a web browser, but not using the docker login command (got a “x509: certificate signed by unknown authority” error).

After a LOT of searching, I found another article


which helped me add the certificates and get the Mac client working!

However, I added ALL the certificates I had…
What, specifically do I need to put into ~/.docker/certs.d/server:5000/??
(I have the GlobalSign root certs R1 and R3, the GlobalSign intermediate, my public cert, and the bundle I used in the Registry which had the public and intermediate cat’ed together)

Thank you,

Brian Paquin