Docker complains about invalid certificate after update to v1.7.0

After updating to Docker v1.7.0 (and also boot2docker), I’m getting the following error when running docker ps:

x509: certificate is valid for,, not

Is this a known issue with this version, and what can I do to fix this?

  • Not able to start a pod in minikube by pulling image from external private registry
  • Docker Swarms and Stacks: What's the difference?
  • docker-compose up container start ordering
  • Ember in docker with nginx can't reach server container
  • Docker for mac - Not able to connect to a mongo replica set running on host from inside the container
  • How to prevent docker images on docker hub being overwritten
  • Docker creating a new image with an added Java application
  • Not able to connect to cassandra from host machine
  • simulate Daemon-set in kubernetes with using Deployment
  • How to set the command history in a Dockerfile
  • MariaDB never starts within docker image
  • What causes this intermittent nix-build failure with error “Too many levels of symbolic links”?
  • 4 Solutions collect form web for “Docker complains about invalid certificate after update to v1.7.0”

    This is a known issue introduced in version 1.7.0 of boot2docker:

    Update to boot2docker 1.7.1

    Updating to boot2docker 1.7.1 fixes this issue, as described here.

    Options for boot2docker 1.7.0

    It seems to be related to the way the network interfaces are coming up during boot. The following options can be used to fix this.

    Option 1

    The fix is to run the following sequence, which adds code to wait for all network interfaces to be present:

    boot2docker ssh
    sudo curl -o /var/lib/boot2docker/profile
    sudo halt
    boot2docker up

    Source (and more details on the code that is downloaded):

    This has fixed the issue for me, although I had to stop the boot2docker-vm through the VirtualBox UI to get a clean start.

    The Gist adds the following to the .profile file in the boot2docker VM:

    wait4eth1() {
            until ip a show eth1 | grep -q UP
                    [ $((CNT++)) -gt 60 ] && break || sleep 1
            sleep 1

    This function waits up to 1 minute for the eth1 interface to come up.

    Option 2

    Another option seems to be to do

    boot2docker delete
    boot2docker init
    boot2docker up

    This will destroy the boot2docker VM – you might lose any customizations you have done.

    Simply running this command fixes the issue for me. This was suggested by a Docker employee via GitHub.

    boot2docker ssh sudo /etc/init.d/docker restart

    Unfortunately it needs to be run each time you start boot2docker.

    I’ve found the following “easy” alternative to work. Use a shell alias:

    alias docker="docker --tlsverify=false"

    Thanks to Mark Duncan.

    From the troubleshooting guide:

    docker-machine regenerate-certs default
    docker-machine restart default

    And then you’re good to go, just run this as usual

    eval $(docker-machine env default)
    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.