Private docker registry - x509: certificate signed by unknown authority


I have a problem with deployment from private docker registry. It is a gitlab project docker registry. I have added secret => registry credentials for my gitlab docker registry to my rancher project.

When I create the deployment, the pod gets created but it can not pull image from the registry with this error:

Failed to pull”: rpc error: code = Unknown desc = Error response from daemon: Get x509: certificate signed by unknown authority

Can someone please tell me how and where should I put root and intermediate ca of the docker server ssl certificate issuer?

Thank you all for your help.



i have solved this issue with adding trusted root on rke cluster OS level (CentOS 8).

  1. copy the file containing root ca certificate to /etc/pki/ca-trust/source/anchors/
  2. run command update-ca-trust extract
  3. reboot

If there is a better way please share.

Thank you and best regards,