
TLS verification should use private key from keychain

beta

(Robert) #1

Expected behavior

TLS verification for remote servers should use the OS X keychain to get the private key.

Actual behavior

Instead, the private key has to be stored in a file named “key.pem” in the file system, rendering it more vulnerable.

Information

This is an enhancement request

Steps to reproduce the behavior

  1. Set up a remote host using export DOCKER_HOST=tcp://some.where.example.com:2376 ; export DOCKER_TLS_VERIFY=1 ; export DOCKER_CERT_PATH=~/where/you/like/them/
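
While the client key stays on disk as the post describes, its exposure can at least be audited. The following is an added example, not part of the original post and not Docker's own tooling: `check_docker_key_perms` is a hypothetical helper name, and it assumes `key.pem` sits directly in the directory passed in (or in `DOCKER_CERT_PATH`).

```shell
# Added example: audit the TLS client key that the Docker CLI reads from
# DOCKER_CERT_PATH. check_docker_key_perms is a hypothetical helper name.
# Usage: check_docker_key_perms "$DOCKER_CERT_PATH"
# Returns 0 = acceptable, 1 = a finding was reported, 2 = nothing to check.
check_docker_key_perms() {
    cert_dir=${1:-$DOCKER_CERT_PATH}
    if [ -z "$cert_dir" ]; then
        echo "no directory given and DOCKER_CERT_PATH is unset" >&2
        return 2
    fi
    key="$cert_dir/key.pem"
    if [ ! -f "$key" ]; then
        echo "missing: $key" >&2
        return 2
    fi
    status=0

    # A symlink means the real key lives elsewhere and needs its own review.
    if [ -L "$key" ]; then
        echo "symlink: $key points outside this check" >&2
        status=1
    fi

    # Characters 5-10 of the ls mode string are the group and other bits.
    # Any bit set there lets another local account read or replace the key.
    key_bits=$(ls -ldL "$key" | cut -c5-10)
    if [ "$key_bits" != "------" ]; then
        echo "loose key permissions ($key_bits): $key (expected 0600 or 0400)" >&2
        status=1
    fi

    # Characters 6 and 9 are group-write and other-write on the directory.
    # A writable directory lets someone else swap key.pem even if it is 0600.
    dir_write=$(ls -ldL "$cert_dir" | cut -c6,9)
    if [ "$dir_write" != "--" ]; then
        echo "directory writable by group/other: $cert_dir" >&2
        status=1
    fi

    return $status
}
```

A clean result only shows that other local accounts cannot read or swap the file; the key is still readable by anything running as the same user, which is the gap the keychain request is about.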