-
Notifications
You must be signed in to change notification settings - Fork 4.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unable to login to docker register with x509 certificate signed by unknown authority error #21691
Comments
@lrx0014 did you solve this? Having same issue.. thanks |
@spock123 and the docker-registry-default.master.openshift.me is the public address of my openshift docker registry, then the docker login command returned "login success" |
Thank you, yes I resolved it the same way.
Thanks
…On Wed, Mar 27, 2019, 03:29 Renxiang ***@***.***> wrote:
@spock123 <https://github.com/spock123>
I copied the path */etc/docker/cert.d/docker-registry.default.svc:5000*
to */etc/docker/cert.d/docker-registry-default.master.openshift.me
<http://docker-registry-default.master.openshift.me>*
and the *docker-registry-default.master.openshift.me
<http://docker-registry-default.master.openshift.me>* is the public
address of my openshift docker registry, then the *docker login* command
returned "login success"
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#21691 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/ABNWdEdDtsCbc5NFOKGg7fHXVbaq9Zs2ks5vateHgaJpZM4Zbou6>
.
|
Sorry, I'm having the same issue. I still dont understand. What did you actually do? |
First you generate a certificate on the registry (modify to use your service/server names instead of mine:)
Then you copy generated certificate file /etc/origin/master/ca.crt to your docker client machine at /etc/docker/certs.d/docker-registry-default.testcloud.oresundsbron.com Restart docker service on the client machine so the new certificate is registered Get a token from the registry:
Now login to your registry from the client machine:
Hope this helps.. if you ask me it's a mess |
@spock123 thank you. it works!! |
@gielvandanu that's great to hear! Super!!! |
I installed the OKD by ansible-playbook, and I want to push/pull docker images from another machine with the public docker-registry host, I followed the hint of atomic registry web console:
Log into the registry: $ sudo docker login -p w4cu5RvMdI1TAaQXshjdtNCgSgPkkopifwKz6F8_1EA -e unused -u unused docker-registry-default.master.openshift.me Log into OpenShift command line tools: $ oc login --token w4cu5RvMdI1TAaQXshjdtNCgSgPkkopifwKz6F8_1EA master.openshift.me:8443
but I get a x509: certificate signed by unknown authority error when I executed docker login command.
next I followed this page to add a registry.crt to /etc/docker/cert.d/docker-registry-default.master.openshift.me/:
https://access.redhat.com/solutions/3654811
It still unable to login in.
Moreover why the value of param '-u' is 'unused' ? is that normal ?
Version
openshift v3.11.0+62803d0-1
kubernetes v1.11.0+d4cacc0
features: Basic-Auth GSSAPI Kerberos SPNEGO
docker-1.13.1-87.git07f3374.el7.x86_64
Steps To Reproduce
Installed OKD with ansible
add registry.crt to /etc/docker/cert.d/.........
Current Result
The text was updated successfully, but these errors were encountered: