Error response from daemon: Get https://192.168.2.99:443/v2/: x509: certificate signed by unknown authority
在Harbor镜像仓库搭建完成后,使用docker login 192.168.2.99:443连接出现以下报错:
意思:来自守护进程的错误响应:Gethttps://192.168.2.99:443/v2/: x509:由未知权限签署的证书。
原因分析
x509:由未知权限签署的证书。可能生成证书的时候是按域名生成的,但是登录时使用的却是ip,导致证书无法校验ip。或者证书生成错误。
守护进程的问题,检查docker的配置。
解决方法 方法一、不加端口登录(临时解决)
因为加的443端口是需要证书访问的(https协议,harbor.yml中配置)。而不加端口就默认为80端口访问(即http协议,harbor.yml中配置)
[root@qiutu harbor]# docker login 192.168.2.99Authenticating with existing credentials...WARNING! Your password will be stored unencrypted in /root/.docker/config.json.Configure a credential helper to remove this warning、Seehttps://docs.docker.com/engine/reference/commandline/login/#credentials-storeLogin Succeeded [登录成功]
方法二、检查守护进程(docker)的配置(彻底解决)root@qiutu harbor]# vim /etc/docker/daemon.json { "exec-opts":["native.cgroupdriver=systemd"], "registry-mirrors":["https://registry.docker.cn.com"], "insecure-registries":["192.168.2.99:443"] //添加端口号(原来是没有的)}[root@qiutu harbor]# systemctl restart docker[root@qiutu harbor]# systemctl daemon-reload [root@qiutu harbor]# docker login 192.168.2.99:443Username: adminPassword: WARNING! Your password will be stored unencrypted in /root/.docker/config.json.Configure a credential helper to remove this warning、Seehttps://docs.docker.com/engine/reference/commandline/login/#credentials-storeLogin Succeeded [登录成功]
问题解决!!
这篇文章解决了你的问题了吗?