Solve Error response from daemon: Get x509: certificate signed by unknown authority

Posted on 289 views


In case you wanted to pull a container from Docker registry and experienced the error: “Error response from daemon: Get x509: certificate signed by unknown authority“, then we hope this guide will help you resolve the problem. We assume you have SSL Certificates ready because this will not cover the creation of SSL Certificates.

Step 1: Install ca-certificates

I’m working on a CentOS 7 server. So run the following command to install ca-certificates

sudo yum check-update ca-certificates; (($?==100)) && sudo yum update ca-certificates || sudo yum -y reinstall ca-certificates

Step 2: Create a directory in /etc/docker/certs.d

Docker recommends that we have to place certificates in /etc/docker/certs.d under a directory with the domain of the registry and port. In case you are using a private registry, please follow that style.

sudo mkdir -p /etc/docker/certs.d/ 

Step 3: Copy SSL Certificates

Now copy your SSL Certs to the created directory above

sudo cp CA.crt
sudo cp server.crt
sudo cp server.key 

Step 4: Restart Docker

Once done with the certificates generation and population. restart the docker service.

sudo systemctl restart docker

And now you should be able to pull your images

$ sudo docker pull alpine
Using default tag: latest
latest: Pulling from library/alpine
89d9c30c1d48: Extracting [=============>                          ]  753.7kB/2.787MB

Cheers guys. You now have a working Docker Setup.


Gravatar Image
A systems engineer with excellent skills in systems administration, cloud computing, systems deployment, virtualization, containers, and a certified ethical hacker.