Private docker registry - x509: certificate signed by unknown authority

skoofy · February 17, 2021, 4:48pm

Hi

I have a problem with deployment from private docker registry. It is a gitlab project docker registry. I have added secret => registry credentials for my gitlab docker registry to my rancher project.

When I create the deployment, the pod gets created but it can not pull image from the registry with this error:

Failed to pull image “docker.example.com:5005/image_name:image_tag”: rpc error: code = Unknown desc = Error response from daemon: Get https://docker.example.com:5005/v2/: x509: certificate signed by unknown authority

Can someone please tell me how and where should I put root and intermediate ca of the docker server ssl certificate issuer?

Thank you all for your help.

Regards,
Andrej

skoofy · February 17, 2021, 5:56pm

Hi,

i have solved this issue with adding trusted root on rke cluster OS level (CentOS 8).

copy the file containing root ca certificate to /etc/pki/ca-trust/source/anchors/
run command update-ca-trust extract
reboot

If there is a better way please share.

Thank you and best regards,
Andrej

Topic		Replies	Views
X509 certificate signed by unknown authority RancherOS	7	8707	September 6, 2016
Can't pull Docker image rancher/rke-tools on vSphere cluster with Private CA Root Certificate Rancher	1	3727	August 31, 2018
X509: certificate signed by unknown authority	1	4387	April 27, 2017
Rancher 2 Private Docker Registry? Rancher	2	5808	December 3, 2018
Where/how to update cert to fix kubernetes deployment x509: certificate signed by unknown authority Rancher	0	5186	February 6, 2022

Private docker registry - x509: certificate signed by unknown authority

Related topics