[CentOS] Docker Update 1.13.1-53 -> 1.13.1-63 certificate error

Hans-Joachim Hetscher

dd8ne at web.de
Thu Jun 7 08:57:06 UTC 2018


Hello,

I'm using the docker stuff from the extras repo on CentOS 7.x
 
I'm using a secured local registry, which worked fine til 1.13.1-53
 
After the upgrade, I run into following error:
> docker login repo.local:5000
Error response from daemon: Get https://repo.local:5000/v1/users/: x509: certificate is not valid for any names, but wanted to match repo.local
 
> curl -v https://repo.local:5000/v1/users/
* About to connect() to repo.local port 5000 (#0)
*   Trying 1xx.xx.x.xx...
* Connected to repo.local (1xx.xx.x.xx) port 5000 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate:
*       subject: CN=repo.local,OU=OU,O=Enterprise,L=City,ST=Country,C=DE
*       start date: Okt 09 14:31:40 2017 GMT
*       expire date: Aug 18 14:31:40 2027 GMT
*       common name: repo.local
*       issuer: CN=ROOTCA für xxx,OU=OU,O=Enterprise,L=City,ST=Contry,C=DE
> GET /v1/users/ HTTP/1.1
> User-Agent: curl/7.29.0
> Host: repo.local:5000
> Accept: */*
>
< HTTP/1.1 404 Not Found
< Content-Type: text/plain; charset=utf-8
< Docker-Distribution-Api-Version: registry/2.0
< X-Content-Type-Options: nosniff
< Date: Thu, 07 Jun 2018 08:49:35 GMT
< Content-Length: 19
<
404 page not found
* Connection #0 to host bbgpvmdocker0.bbg.michelin.com left intact
 
After downgrading to 1.13.1-53, all works again as expected.
 
Any hints to solve this issue?
Hans-Joachim
 



More information about the CentOS mailing list