In case you wanted to pull a container from Docker registry and experienced the error: “Error response from daemon: Get https://registry-1.docker.io/v2/: x509: certificate signed by unknown authority“, then we hope this guide will help you resolve the problem. We assume you have SSL Certificates ready because this will not cover the creation of SSL Certificates.
Step 1: Install ca-certificates
I’m working on a CentOS 7 server. So run the following command to install ca-certificates
sudo yum check-update ca-certificates; (($?==100)) && sudo yum update ca-certificates || sudo yum -y reinstall ca-certificates
Step 2: Create a directory in /etc/docker/certs.d
Docker recommends that we have to place certificates in /etc/docker/certs.d under a directory with the domain of the registry and port. In case you are using a private registry, please follow that style.
sudo mkdir -p /etc/docker/certs.d/registry-1.docker.io:443
Step 3: Copy SSL Certificates
Now copy your SSL Certs to the created directory above
sudo cp CA.crt registry-1.docker.io:443/ sudo cp server.crt registry-1.docker.io:443/ sudo cp server.key registry-1.docker.io:443/
Step 4: Restart Docker
Once done with the certificates generation and population. restart the docker service.
sudo systemctl restart docker
And now you should be able to pull your images
$ sudo docker pull alpine Using default tag: latest latest: Pulling from library/alpine 89d9c30c1d48: Extracting [=============> ] 753.7kB/2.787MB
Cheers guys. You now have a working Docker Setup.