0
我有一个远程的Docker注册表设置。它安装了一个爸爸的SSL证书。Docker私人注册表 - 推送到'不安全的注册表'仍然抱怨'未知的权威'
如果我卷曲它,我得到一个 '未知的权威' 错误:
curl https://example.com:5000/v2/
curl: (60) server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none
More details here: http://curl.haxx.se/docs/sslcerts.html
...
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
所以我然后使用 '不安全' 卷曲:
curl -k https://example.com:5000/v2
,我得到
{} //which I guess is because there is nothing in the registry?
检查,我蜷缩一个不存在的端点:
curl -k https://example.com:5000/moo
404 page not found //which is positive, as it means the -k flag is suppressing the 'unknown authority' correctly
所以,现在我知道这是可以通过卷曲连接到注册表我尝试使用泊坞窗客户端推送图片:
docker push example.com:5000/my-image
The push refers to a repository [example.com:5000/my-image]
unable to ping registry endpoint https://example.com:5000/v0/
v2 ping attempt failed with error: Get https://example.com:5000/v2/: x509: certificate signed by unknown authority
v1 ping attempt failed with error: Get https://example.com:5000/v1/_ping: x509: certificate signed by unknown authority
所以我再尝试加入“不安全取消错误-registry”至DOCKER_OPTS(如所解释here):
DOCKER_OPTS = “ - 不安全的注册表example.com:5000”
[重启搬运工守护进程]
它不起作用。我得到了同样的“未知权威”警告。
首先,为什么Go Daddy的证书不可信?我把它安装在nginx服务器上,并且它在浏览器上的'绿色栏'上工作正常。
其次,我如何获得'不安全的注册表'与Docker一起使用?谢谢
看到[这里](http://stackoverflow.com/questions/39121710/not-able-to-login-in-docker-private-repositry/39245158#39245158)设置码头注册表与私人证书。 –