This repository has been archived by the owner on Sep 26, 2021. It is now read-only.

Could not read CA certificate xxxx The system cannot find the file specified. #537

Open
eromoe opened this issue Jul 19, 2016 · 14 comments

eromoe commented Jul 19, 2016

docker-terminal:

$ docker build -t web .
Could not read CA certificate "C:\\Users\\admin\\.docker\\machine\\machines\\def
ault\\ca.pem": open C:\Users\admin\.docker\machine\machines\default\ca.pem: The
system cannot find the file specified.

The cert file is under
C:\Users\admin\.docker\machine\certs (seems old toolbox's files)
and
C:\Users\admin\.docker\machine\ (latest installed, because create time shows files are created recently)

I have to copy ca from C:\Users\admin\.docker\machine\ to C:\Users\admin\.docker\machine\machines\default

martinambrus commented Oct 25, 2016

+1

Having the same problem with Docker Toolbox on Windows 7. After building and running a container successfully yesterday, it can't start because of this error today once the PC has restarted.

rikkigouda commented Jul 26, 2017

+1
Windows 2012 R2 x64

Simply running "docker version", and facing a similar issue. The CA path docker is trying to read seems odd:

could not read CA certificate "C:\Users\Install\.docker\machine\machines\default \ca.pem": open C:\Users\Install.docker\machine\machines\default \ca.pem: The system cannot find the path specified.

The correct path - where I can see the certs is:

c:\users\[myusername]\.docker\machine\certs\

@rikkigouda

Seems like setting a new environment variable like this would resolve that issue:

DOCKER_CERT_PATH=c:\users\myusername\.docker\machine\certs

Although - now I'm stuck with the following:

C:\Users\myusername>docker version
Client:
 Version:      17.05.0-ce
 API version:  1.29
 Go version:   go1.7.5
 Git commit:   89658be
 Built:        Fri May  5 15:36:11 2017
 OS/Arch:      windows/amd64
error during connect: Get http://%2F%2F.%2Fpipe%2Fdocker_engine/v1.29/version: open //./pipe/docker_engine: The system cannot find the file specified. In the default daemon configuration on Windows, the docker client must be run elevated to connect. This error may also indicate that the docker daemon is not running.

ramanKC commented Jan 16, 2018

Could not read CA certificate "/home/kc/.docker/ca.pem": open /home/kc/.docker/ca.pem: no such file or directory

I followed the following steps, though step 2 should be enough for this issue.

  1. sudo usermod -aG docker $USER
  2. unset ${!DOCKER*}

irstavr commented Feb 18, 2018

I'm facing the same issue. Any fix on Windows? Many thanks.

digikin commented Apr 26, 2018

So you have to begin with

C:\WINDOWS\system32>docker-machine create default

that will begin to create a default docker host and pull your CA files.

After you create the "default" machine in HyperV, for some reason it defaults the virtual network switch to "NAT". NAT is what allows communication through the network adapter. Open HyperV, right-click the "default" machine, click Settings and change the network adapter settings to the "Default Switch". The Default Switch is what automatically gives virtual machines access to the computer's network using NAT.

<<<<<Once I did that the docker host came back online with an IPv4 address

C:\WINDOWS\system32>docker-machine ls
NAME ACTIVE DRIVER STATE URL SWARM DOCKER ERRORS
default * hyperv Running tcp://192.168.65.238:2376 Unknown Unable to query docker version: Get https://192.168.65.238:2376/v1.15/version: x509: certificate is valid for 127.0.0.1, not 192.168.65.238
dev - hyperv Unknown

<<<Then in the https://docs.docker.com/toolbox/faqs/troubleshoot/#example-errors it says to regenerate-certs because of invalid certificates.

C:\WINDOWS\system32>docker-machine regenerate-certs default
Regenerate TLS machine certs? Warning: this is irreversible. (y/n): y
Regenerating TLS certificates
Waiting for SSH to be available...
Detecting the provisioner...
Copying certs to the local machine directory...
Copying certs to the remote machine...
Setting Docker configuration on the remote daemon...

C:\WINDOWS\system32>docker-machine restart default
Restarting "default"...
(default) Waiting for host to stop...
(default) Waiting for host to start...
Waiting for SSH to be available...
Detecting the provisioner...
Restarted machines may have new IP addresses. You may need to re-run the docker-machine env command.

C:\WINDOWS\system32>docker-machine env
SET DOCKER_TLS_VERIFY=1
SET DOCKER_HOST=tcp://192.168.65.238:2376
SET DOCKER_CERT_PATH=C:\Users\eric.docker\machine\machines\default
SET DOCKER_MACHINE_NAME=default
SET COMPOSE_CONVERT_WINDOWS_PATHS=true
REM Run this command to configure your shell:
REM @for /f "tokens=*" %i IN ('docker-machine env') DO @%i

C:\WINDOWS\system32>@for /f "tokens=*" %i IN ('docker-machine env') DO @%i

C:\WINDOWS\system32>docker info
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 18.04.0-ce
Storage Driver: aufs
Root Dir: /mnt/sda1/var/lib/docker/aufs
Backing Filesystem: extfs
Dirs: 0
Dirperm1 Supported: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 773c489c9c1b21a6d78b5c538cd395416ec50f88
runc version: 4fc53a81fb7c994640722ac585fa9ca548971871
init version: 949e6fa
Security Options:
seccomp
Profile: default
Kernel Version: 4.9.93-boot2docker
Operating System: Boot2Docker 18.04.0-ce (TCL 8.2.1); HEAD : b8a34c0 - Wed Apr 11 17:00:55 UTC 2018
OSType: linux
Architecture: x86_64
CPUs: 1
Total Memory: 986.3MiB
Name: default
ID: CD2Y:WAHG:BLZX:P5FF:O3AO:2FCW:4W34:YYLW:GCS4:EOV7:JTRE:FZV3
Docker Root Dir: /mnt/sda1/var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Labels:
provider=hyperv
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false

C:\WINDOWS\system32>docker pull nginx
Using default tag: latest
latest: Pulling from library/nginx
2a72cbf407d6: Pull complete
04b2d3302d48: Pull complete
e7f619103861: Pull complete
Digest: sha256:18156dcd747677b03968621b2729d46021ce83a5bc15118e5bcced925fb4ebb9
Status: Downloaded newer image for nginx:latest

<<<Now everything is working as expected after a week of searching the internet.

toknsi commented Jun 2, 2018

@irstavr

docker-machine env -u
Remove-Item Env:\\DOCKER_TLS_VERIFY
Remove-Item Env:\\DOCKER_HOST
Remove-Item Env:\\DOCKER_CERT_PATH
Remove-Item Env:\\DOCKER_MACHINE_NAME
# Run this command to configure your shell:
# & "C:\Program Files\Docker\Docker\Resources\bin\docker-machine.exe" env -u | Invoke-Expression

& "C:\Program Files\Docker\Docker\Resources\bin\docker-machine.exe" env -u | Invoke-Expression

@andywgarcia

I had to uninstall virtual box and remove all of the environment variables as stated in other posts. Then I reinstalled docker for windows and it started working for me.

klovack commented Aug 13, 2018

Docker is using the environment from the docker-machine that is deleted, or the environment is simply not yet configured.
I solved my problem by unsetting the env with eval $(docker-machine env -u) or, on Windows,
& "C:\Program Files\Docker\Docker\Resources\bin\docker-machine.exe" env -u | Invoke-Expression

@CooperFu666

This issue is solved! Thanks for your help! @digikin

thrasher8390 commented Dec 13, 2018

I'm still having this issue with the following version.
image

edit - following https://apilevel.wordpress.com/2017/11/23/docker-for-windows-certificate-error-solution/ fixed it for me. I had also installed "Docker For Windows"

Erokos commented Dec 16, 2018

Hi,
I'm using Docker Toolbox and until yesterday didn't experience any problems. Then I connected to a remote host using a VPN and shit started to happen. Ofc I didn't know that was the cause and, following the instructions the error spat out, I regenerated the certs. Still didn't work. Since then I've uninstalled both Docker and Virtualbox at least 3 times, and have deleted any remaining files (the .docker folder), but each time I install and then run the Docker Quickstart I get the same TLS error. I've tried the solutions written above both in the quickstart terminal and using Git Bash but then I get:

Error creating machine: Error in driver during machine creation: Too many retries waiting for SSH to be available. Last error: Maximum number of retries (60) exceeded

I'm at my wits' end and think this docker toolbox is only good for throwing in the trash can. Can someone please help me troubleshoot this?

narendramohan commented Sep 10, 2019

I am also facing a problem: unable to resolve docker endpoint: open C:\Users\narendra.prasad.docker\machine\machines\myvm3\ca.pem: The system cannot find the path specified.
As suggested above, I ran the following command:
& "C:\Program Files\Docker\Docker\Resources\bin\docker-machine.exe" env -u | Invoke-Expression'
I am getting the following error on executing the above command in Windows 10:

& was unexpected at this time.

Please help.

indraginanjar commented Oct 17, 2019

> And as suggested above i ran following command :
> & "C:\Program Files\Docker\Docker\Resources\bin\docker-machine.exe" env -u | Invoke-Expression'
> I am getting following error on executing above command in window 10
>
> & was unexpected at this time.

Run the command in Windows PowerShell.

The command is to unset the docker environment variables.

Or, maybe you would change the environment variable permanently:

  1. Start button

  2. Edit environment variables for your account

  3. scroll to find "DOCKER_CERT_PATH"

  4. edit to "C:\Users\your.username.docker\machine\certs"

  5. click OK button

  6. Re-open command console
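
A diagnostic for the failure discussed in this thread, as an added example that is not part of any comment above: it lists the DOCKER_* variables that docker-machine env sets and reports which of the client TLS files (ca.pem, cert.pem, key.pem) are missing from the directory the client would read. The function name Get-DockerTlsEnvReport is hypothetical, and the fallback to the .docker folder under $HOME assumes DOCKER_CONFIG is not set.

```powershell
# Added example (not from the thread): report why the docker client
# cannot load its TLS files. Run in Windows PowerShell, not cmd.exe.
function Get-DockerTlsEnvReport {
    # Variables written by "docker-machine env" and cleared by "env -u".
    $report = [ordered]@{}
    foreach ($name in 'DOCKER_TLS_VERIFY', 'DOCKER_HOST',
                      'DOCKER_CERT_PATH', 'DOCKER_MACHINE_NAME') {
        $report[$name] = [Environment]::GetEnvironmentVariable($name)
    }

    $findings = @()
    $tlsOn = -not [string]::IsNullOrEmpty($report['DOCKER_TLS_VERIFY'])

    # Without DOCKER_CERT_PATH the client reads the user's .docker folder
    # (assumption: DOCKER_CONFIG is not set to move that folder).
    $certDir = $report['DOCKER_CERT_PATH']
    if ([string]::IsNullOrEmpty($certDir)) {
        $certDir = [System.IO.Path]::Combine($HOME, '.docker')
    }

    if ($tlsOn) {
        if (-not [System.IO.Directory]::Exists($certDir)) {
            $findings += "cert directory does not exist (deleted machine?): $certDir"
        }
        foreach ($file in 'ca.pem', 'cert.pem', 'key.pem') {
            $full = [System.IO.Path]::Combine($certDir, $file)
            if (-not [System.IO.File]::Exists($full)) {
                $findings += "missing: $full"
            }
        }
    } else {
        $findings += 'DOCKER_TLS_VERIFY is not set in this session'
    }

    [pscustomobject]@{ Environment = $report; Findings = $findings }
}

$result = Get-DockerTlsEnvReport
$result.Environment.GetEnumerator() |
    ForEach-Object { '{0} = {1}' -f $_.Key, $_.Value }
$result.Findings
```

A "missing" or "does not exist" finding matches the cases above where the variables still point at a removed machine; the thread's remedies are to clear them with docker-machine env -u or to recreate the machine and run docker-machine regenerate-certs.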
