Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Private registry:2 push fail: unable to ping registry endpoint...x509: cannot validate certificate for ... because it doesn't contain any IP SANs #948
Unable to get TLS to work with private registry:2 on ubuntu 14.04
Private registry worked when I run it unsecure, but that is no help.
Unable to determine what is wrong with cert and/or docker registry:2
/mnt/three/TLS-cert/certs$ docker push 192.168.1.102:5000/mongo
~/mnt-three/docker-registry$ docker version
~/mnt-three/docker-registry$ docker info
/mnt/three/TLS-cert/certs$ docker exec 4703d2735d89 registry -version
Command to launch registry
docker daemon debug showing error:
command to create self signed certs
You need to use a domain name, or have the ip into your certificate.
More about that topic here (this is not a registry specific topic): http://serverfault.com/questions/611120/failed-tls-handshake-does-not-contain-any-ip-sans
Thank you for this direction to the correct information.
I had reviewed this page several times with many many other web posts about TLS and docker registry error messages. I did not understand that this logstash solution and docker registry:2 solution with TLS was the same incident, thank you.
I am running a proof of concept with docker without outside help of a security team. This is being setup on a group of four servers that are isolated without DNS to determine what business process changes may be needed for a move to a secure docker.
Hopefully this information will be helpful to others and save them many web search hours.