I'm currently on a development environment, so there aren't certificates everywhere, or they're not compliant (using myrepo.dev.corp.fr where the certificate is *.corp.fr).
I'm trying to docker push
on an insecure docker repository, but I'm getting multiple errors:
Get https://repo.dev.corp.fr/v2/: x509: certificate is valid for *.corp.fr, not repo.dev.corp.fr
Or
Get https://anotherrepo.corp.fr/v2/: x509: certificate signed by unknown authority
I'm trying to tell docker that the repository is not secure, to not use TLS or anything, but I can't.
I'm on docker version 18.09.6. I don't have root acces on /etc/
so I can't modify daemon.json
or anything under there. And I also can't restart the docker service. However I do have write/read access to ~/.docker/
.
What I've tried:
Setting another file as conf with
docker --config-file mufile.json push etc.
, but it seems it's not meant to be used that way (unknown flag: --config-file
)Using
--inscure-registry repo.dev.corp.fr
in my docker cli. I've tried a few things explained on the website ( https://docs.docker.com/engine/reference/commandline/cli/ ). Setting the environment variables as Linux env var doesn't seems to work, does it needs to be set in a file ? For exampleexport DOCKER_CONTENT_TRUST=1
still gets me a "certificate signed by unknown authority". Shouldn't docker stop checking certificate at this point ?here ( Add Insecure Registry to Docker ) they're using
DOCKER_EXTRA_REGISTRIES='--insecure-registry b.example.com'
but it's in a file under/etc/
. So I can't change it.I can make my own certificate and tell docker to use it, but I would need to change it on the repo I'm trying to join right ? And there would still be
certificate signed by unknown authority
I guess. Also, it seems a little bit complicated for what I'm trying to achieve.
Questions:
With all the stuff I've tried, I might have done a few thing incorrectly, so mayube there's something to retry here ...
- How does docker uses it's environment variable like DOCKER_TLS : Is it in a file ? Or can I set it myself as an environment variable ? How do I check if docker is using them ?
- Is there any way to tell docker not to check certificates without modifying any file under
/etc/
?