Azure vm docker create找不到证书'ca.pem'
我想创build一个azure色的docker主机,所以我运行了以下命令(通过azure-cli版本0.8.11和节点版本0.10.33):
$ azure vm docker create -v [.. + loads of options..] info: Executing command vm docker create verbose: C:\Users\JAM\.docker\ca-key.pem file was not found verbose: C:\Users\JAM\.docker\ca.pem file was not found verbose: C:\Users\JAM\.docker\server-key.pem file was not found verbose: C:\Users\JAM\.docker\server-cert.pem file was not found verbose: C:\Users\JAM\.docker\key.pem file was not found verbose: C:\Users\JAM\.docker\cert.pem file was not found verbose: Generating docker certificates. verbose: Loading 'screen' into random state - done Generating RSA private key, 512 bit long modulus .......++++++++++++ ............++++++++++++ e is 65537 (0x10001) verbose: Unable to load config info from /usr/local/ssl/openssl.cnf verbose: Loading 'screen' into random state - done Generating RSA private key, 512 bit long modulus .++++++++++++ ..++++++++++++ e is 65537 (0x10001) verbose: Unable to load config info from /usr/local/ssl/openssl.cnf verbose: Loading 'screen' into random state -C:\Users\JAM\.docker\server.csr: No such file or directory done verbose: Loading 'screen' into random state - done Generating RSA private key, 512 bit long modulus .........................++++++++++++ ..++++++++++++ e is 65537 (0x10001) verbose: Unable to load config info from /usr/local/ssl/openssl.cnf verbose: Loading 'screen' into random state -C:\Users\JAM\.docker\client.csr: No such file or directory done verbose: writing RSA key verbose: writing RSA key error: ENOENT, no such file or directory 'C:\Users\JAM\.docker\ca.pem' verbose: stack Error: ENOENT, no such file or directory 'C:\Users\JAM\.docker\ca.pem' at Object.fs.chmodSync (fs.js:832:18) at C:\nvm\v0.10.33\node_modules\azure-cli\lib\commands\asm\vm\vmclient.js:3104:30 at ChildProcess.<anonymous> (C:\nvm\v0.10.33\node_modules\azure-cli\node_modules\openssl-wrapper\lib\openssl-wrapper.js:86:16) at ChildProcess.emit (events.js:98:17) at maybeClose (child_process.js:756:16) at Process.ChildProcess._handle.onexit (child_process.js:823:5) info: Error information has been recorded to azure.err azure-cli无法加载opensslconfiguration,因为path/usr/local不存在:
verbose: Unable to load config info from /usr/local/ssl/openssl.cnf
但是,path/usr/ssl/..和/usr/ssl/openssl.cnf存在。 所以我试着把/usr/ssl/*复制到/usr/local/ssl/* ,但同样的错误不断popup。
任何想法如何解决这个问题?
这已经开放了一段时间,但底线是Windows的支持是相当的一半。 最好的办法是下载OpenSSL,然后使用以下命令生成所需的密钥文件(在错误中将结果文件复制到.docker文件夹中)。
echo 01 > ca.srl openssl genrsa -des3 -out ca-key.pem openssl req -new -x509 -days 3650 -key ca-key.pem -out ca.pem openssl genrsa -des3 -out server-key.pem openssl req -new -key server-key.pem -out server.csr openssl x509 -req -days 365 -in server.csr -CA ca.pem -CAkey ca-key.pem -out server-cert.pem echo "Creating client keys..." openssl genrsa -des3 -out client-key.pem openssl req -new -key client-key.pem -out client.csr echo extendedKeyUsage = clientAuth > extfile.cnf openssl x509 -req -days 365 -in client.csr -CA ca.pem -CAkey ca-key.pem -out client-cert.pem -extfile extfile.cnf echo "Stripping passwords from keys..." openssl rsa -in server-key.pem -out server-key.pem openssl rsa -in client-key.pem -out key.pem
这是从http://blog.jameskyle.org/2014/04/coreos-docker-remote-api-tls/ ,它主要针对unix,但在Windows上的命令是相同的。
一旦你将这些文件复制到正确的地方,你可以进行安装(我目前正试图解决下一步:))。