Docker Community Forums

Share and learn in the Docker community.

x509: certificate signed by unknown authority


(Veitv) #1

Hello,
I have a problem starting with docker.
I’ve read the article about docker in the c’t-magazine and wanted to test it.
Now when i am trying to Login into docker.io from the terminal (using Ubuntu 14.04LTS) there comes an error message saying "X509: certificate signed by unknown authority"
Is there a way to fix this problem? Or to ignore it?
This error-message appears everytime i want to connect with docker.io from the terminal.

PS: I wanted to upload an picture but the docker forum says im too new to do it.

edit: I’ve sniffed the conversation between the PC and the docker-Server with Wireshark:
-> Protocol: TLSv1.2
-> Info: Alert (Level: Fatal, Description: Bad Certificate)

edit2: When I am trying to add repositories in my personal Docker Hub there comes an error massage like “This site cannot be shown. TLS/SSL-Problems” (Internet Explorer). Firefox will not even connect to the site before i accept the “bad certificate” to a “not trusted Connection”.

I think Docker has serious Problems with their SSL/TLS-certificates. Has nobody else this problems?

sincerely,
VeitV


(Sven Dowideit) #2

I just noticed - you’re using docker.io - which we don’t use anymore. We unified all the hosts to use docker.com as having the 2 domains was causing confusion.


(Veitv) #3

Hello Sven,
Ubuntu told me that there is no packet like “docker.com”.
I can’t create a docker.com container either.
Is there an other way to do it? What did i have to type into the terminal to create a Ubuntu-container?


(Sven Dowideit) #4

perhaps http://docs.docker.com/userguide/usingdocker/ will help?


(Veitv) #5

I’ve tested it with the docker command instead of docker.io.
The Terminal has shown me the same certification error as described.
Maybe it’s blocked by the firewall…?


(Sven Dowideit) #6

when you say ‘the firewall’ - do you mean your company’s, or ‘the Great firewall’?

(I’m sorry, i realise from your answer that I missunderstood your problem :/)


(Mfriedmann) #7

“x509: certificate signed by unknown authority” can occur when using docker behind an proxy system that does ssl inspection (repleaces ssl certificates).
Edit the docker sysconfig file to add the proxy settings and then add the proxy root certificate to the trusted certificates of the docker host and restart the docker service.
This post describes it in detail