[CentOS-devel] Pulling docker images from registry.access.redhat.com fails because of certs

Mon Jun 11 12:19:30 UTC 2018
Praveen Kumar <kumarpraveen.nitdgp at gmail.com>


I think with the recent change in the package from
python-rhsm-certificates to subscription-manager-rhsm-certificates
doesn't provide the docker registry certs for
registry.access.redhat.com and user not able to pull any images from
there. Is it intentional or there is some regression?

Below looks like a dead lock to me :(

$ docker pull registry.access.redhat.com/jboss-eap-7/eap70-openshift at sha256:7a3acb825766a00fd865d9616bbd129fd747dd38b340704c835e47b9071de1d4
Trying to pull repository
registry.access.redhat.com/jboss-eap-7/eap70-openshift ...
open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no
such file or directory

$ ls -l  /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt
lrwxrwxrwx. 1 root root 27 May 28 08:19
/etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt ->

$ ls -l /etc/rhsm/ca/redhat-uep.pem
ls: cannot access /etc/rhsm/ca/redhat-uep.pem: No such file or directory

$ rpm -ql subscription-manager-rhsm-certificates

$ sudo yum whatprovides "/etc/rhsm/ca/redhat-uep.pem"
python-rhsm-certificates-1.19.10-1.el7_4.x86_64 : Certificates
required to communicate with a Red Hat Unified Entitlement Platform
Repo        : base
Matched from:
Filename    : /etc/rhsm/ca/redhat-uep.pem

$ sudo yum install -y python-rhsm-certificates
Package python-rhsm-certificates-1.19.10-1.el7_4.x86_64 is obsoleted
by subscription-manager-rhsm-certificates-1.20.11-1.el7.centos.x86_64
which is already installed
Nothing to do

Praveen Kumar