docker工具箱在窗口然后docker运行hello-world获得x509:由未知权威签名的证书
尝试了很多的例子,但没有为我工作。
我的Docker版本:
C:\>docker version Client: Version: 1.12.2 API version: 1.24 Go version: go1.6.3 Git commit: bb80604 Built: Tue Oct 11 17:00:50 2016 OS/Arch: windows/amd64 Server: Version: 1.12.3 API version: 1.24 Go version: go1.6.3 Git commit: 6b644ec Built: Wed Oct 26 23:26:11 2016 OS/Arch: linux/amd64 我没有将证书(* .pem)复制到/etc/docker/certs.d位置,但没有效果。
docker@default:~$ l /etc/docker/certs.d/ total 24 drwxr-xr-x 2 root root 4096 Nov 30 17:59 ./ drwxr-xr-x 3 root root 4096 Nov 30 17:16 ../ -rwxr-xr-x 1 root root 1679 Nov 30 17:59 ca-key.pem -rwxr-xr-x 1 root root 1038 Nov 30 17:59 ca.pem -rwxr-xr-x 1 root root 1078 Nov 30 17:59 cert.pem -rwxr-xr-x 1 root root 1675 Nov 30 17:59 key.pem
证书是在创build虚拟机时生成的证书。
感谢你对此的帮助。 花了一天试图如何解决这个问题。
运行docker run时生成消息hello-world日志来自位于/ var / lib / boot2docker中的docker.log /
time="2016-11-30T18:25:14.233037149Z" level=debug msg="Client and server don't have the same version (client: 1.12.2, server: 1.12.3 )" time="2016-11-30T18:25:14.233712555Z" level=error msg="Handler for POST /v1.24/containers/create returned error: No such image: hello-world:latest" time="2016-11-30T18:25:14.244589790Z" level=debug msg="Calling GET /v1.24/info" time="2016-11-30T18:25:14.244626594Z" level=debug msg="Client and server don't have the same version (client: 1.12.2, server: 1.12.3)" time="2016-11-30T18:25:14.249913910Z" level=debug msg="Calling POST /v1.24/images/create?fromImage=hello-world&tag=latest" time="2016-11-30T18:25:14.249943955Z" level=debug msg="Client and server don't have the same version (client: 1.12.2, server: 1.12.3)" time="2016-11-30T18:25:14.250041478Z" level=debug msg="Trying to pull hello-world from https://registry-1.docker.io v2" time="2016-11-30T18:25:14.327535482Z" level=warning msg="Error getting v2 registry: Get https://registry-1.docker.io/v2/: x509: certificate signed by unknown authority" time="2016-11-30T18:25:14.327561850Z" level=error msg="Attempting next endpoint for pull after error: Get https://registry-1.docker.io/v2/: x509: certificate signed by unknown authority" time="2016-11-30T18:25:14.327574917Z" level=debug msg="Trying to pull hello-world from https://index.docker.io v1" time="2016-11-30T18:25:14.327587833Z" level=debug msg="hostDir: /etc/docker/certs.d/docker.io" time="2016-11-30T18:25:14.327858818Z" level=debug msg="[registry] Calling GET https://index.docker.io/v1/repositories/library/hello-world/images" time="2016-11-30T18:25:14.501831878Z" level=error msg="Not continuing with pull after error: Error while pulling image: Get https://index.docker.io/v1/repositories/library/hello-world/images: x509: certificate signed by unknown authority"
你可能是在一个代理的背后。 试试这个sudo vi / var / lib / boot2docker / profile
在configuration文件的末尾添加以下内容
# replace with your office's proxy environment export "HTTP_PROXY=http://PROXY:PORT" export "HTTPS_PROXY=http://PROXY:PORT" # you can add more no_proxy with your environment. export "NO_PROXY=192.168.99.*,*.local,169.254/16,*.example.com,192.168.59.*"
然后重新启动boot2docker
上述步骤为我工作。 我在窗户上。
原来我们是在一个代理的背后,但是这些设置不适用于我们的Zscalar代理系统。 Zscalar插入自己的证书并将这些证书添加到Docker的安装程序不起作用。 Zscalar确实有一个SSL旁路设置,可以免除给定的URL这种SSL处理方式。
对于Docker,您必须使用.docker.io和.cloudfront.net的URL