Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Error response from daemon: Missing certificate domain.cert for key domain.key #1371
I've setup a registry at this address:
The docker compose is pretty straight forward:
cache: image: redis registry: restart: always image: registry:2 ports: - 5000:5000 links: - cache volumes: - /home/ubuntu/data:/var/lib/registry - /home/ubuntu/certs:/certs - /home/ubuntu/auth:/auth - /home/ubuntu/config.yml:/etc/docker/registry/config.yml frontend: image: konradkleine/docker-registry-frontend ports: - 8081:80 environment: ENV_DOCKER_REGISTRY_HOST: registry ENV_DOCKER_REGISTRY_PORT: 5000
with the config.yml being:
version: 0.1 log: level: debug fields: service: registry environment: staging storage: s3: accesskey: <ACCESS_KEY> secretkey: <SECRET_KEY> region: eu-west-1 bucket: ee-docker-registry-data encrypt: false secure: true v4auth: true chunksize: 5242880 rootdirectory: /registry auth: htpasswd: realm: basic-realm path: /auth/htpasswd http: addr: 0.0.0.0:5000 host: https://registry.equalexperts.io:5000 tls: certificate: /certs/registry.equalexperts.io.chained.crt key: /certs/registry.equalexperts.io.key debug: addr: localhost:5001 redis: addr: localhost:6379 db: 0
I do successfully curl and login to my registry from a docker-machine running on max os
docker -v Docker version 1.9.1, build a34a1d5 docker-machine -v Version: 0.5.5, build 02c4254
However attempting to push an image causes this error:
The whole list of commands is:
docker run hello-world docker tag hello-world registry.equalexperts.io:5000/hello-world docker push registry.equalexperts.io:5000/hello-world docker tag hello-world registry.equalexperts.io:5000/hello-world docker push registry.equalexperts.io:5000/hello-world
The certificates are created with sslmate, and as you can see in the config.yml I am passing the chained one to the docker registry.
I really can't see what is wrong with my configuration.
Thanks in advance,
Quick addition (that might help if anybody else is searching for workarounds), amending
Makes the push work, of course, the whole point of getting a certificate was to have a secure registry, so this will unblock me for now but doesn't seem a reasonable solution.
referenced this issue
Jan 20, 2016
I suppose it's clear.
Is how the folder structure should look like, ca&client are generated on the docker box, ca.crt needs to contain the CA root (I've used the full certificate chain)
Pull works well
thanks a lot
I'll probably blog about how to set the registry up, in combination with
Thanks a lot for your help guys, really appreciated
On Thu, Jan 21, 2016 at 7:57 PM, Stephen Day firstname.lastname@example.org