如何在mac os中访问docker（v1.9.0）远程休息API x

Question

我想访问docker remote rest api，但我无法访问它。

例如

$ curl -v https://192.168.99.100:2376/images/json 
* About to connect() to 192.168.99.100 port 2376 (#0) 
* Trying 192.168.99.100... 
* Adding handle: conn: 0x7f8cd380fe00 
* Adding handle: send: 0 
* Adding handle: recv: 0 
* Curl_addHandleToPipeline: length: 1 
* - Conn 0 (0x7f8cd380fe00) send_pipe: 1, recv_pipe: 0 
* Connected to 192.168.99.100 (192.168.99.100) port 2376 (#0) 
* SSL certificate problem: Invalid certificate chain 
* Closing connection 0 
curl: (60) SSL certificate problem: Invalid certificate chain 
More details here: http://curl.haxx.se/docs/sslcerts.html 

curl performs SSL certificate verification by default, using a "bundle" 
of Certificate Authority (CA) public keys (CA certs). If the default 
bundle file isn't adequate, you can specify an alternate file 
using the --cacert option. 
If this HTTPS server uses a certificate signed by a CA represented in 
the bundle, the certificate verification probably failed due to a 
problem with the certificate (it might be expired, or the name might 
not match the domain name in the URL). 
If you'd like to turn off curl's verification of the certificate, use 
the -k (or --insecure) option. 

$ curl -v http://192.168.99.100:2376/images/json 
* About to connect() to 192.168.99.100 port 2376 (#0) 
* Trying 192.168.99.100... 
* Adding handle: conn: 0x7f9411008c00 
* Adding handle: send: 0 
* Adding handle: recv: 0 
* Curl_addHandleToPipeline: length: 1 
* - Conn 0 (0x7f9411008c00) send_pipe: 1, recv_pipe: 0 
* Connected to 192.168.99.100 (192.168.99.100) port 2376 (#0) 
> GET /images/json HTTP/1.1 
> User-Agent: curl/7.30.0 
> Host: 192.168.99.100:2376 
> Accept: */* 
> 

* Connection #0 to host 192.168.99.100 left intact 

，但如果我运行的泊坞窗命令它的工作原理：

$docker images 
REPOSITORY      TAG     IMAGE ID   CREATED    VIRTUAL SIZE 
subh007/docker_quagga   v1     fd482b733697  6 months ago  263.5 MB 

我也试图从stack post.遵循建议，但它din't工作对我来说，看起来像它的工作对boot2docker 。目前我使用的是mac os X（10.9.4）。

以下是泊坞窗机的详细资料：

$ docker-machine env default 
export DOCKER_TLS_VERIFY="1" 
export DOCKER_HOST="tcp://192.168.99.100:2376" 
export DOCKER_CERT_PATH="/Users/subh/.docker/machine/machines/default" 
export DOCKER_MACHINE_NAME="default" 
# Run this command to configure your shell: 
# eval "$(docker-machine env default)" 

请让我知道如果我错过了一些了解。

Answer 1

CURL的新版本使用Apple的安全传输API而不是OpenSSL API。使用P12格式的证书。试试这个吧 -

cd $DOCKER_CERT_PATH 
openssl pkcs12 -export -inkey key.pem -in cert.pem -CAfile ca.pem -chain -name client-side -out cert.p12 -password pass:mypass 
curl https://192.168.99.100:2376/images/json --cert $DOCKER_CERT_PATH/cert.p12 --pass mypass --key $DOCKER_CERT_PATH/key.pem --cacert $DOCKER_CERT_PATH/ca.pem