Docker complains about invalid certificate after update to v1.7.0

After updating to Docker v1.7.0 (and also boot2docker), I’m getting the following error when running docker ps:

x509: certificate is valid for 127.0.0.1, 10.0.2.15, not 192.168.59.103

Is this a known issue with this version, and what can I do to fix this?

  • How to get Rancher scripts code when add agent to nodes hosts?
  • Docker not adding existing file
  • Proxy_pass from foo.website.com to localhost:xxxx using nginx on docker - not localhost on physical machine
  • my docker build just keeps closing
  • Expose my docker container to my external IP on GCP
  • How to upgrade Openshift Origin Docker to latest version?
  • Cassandra and lucene: User management in docker
  • how to pull docker images in a fast way. It takes too much of time just to download 50mb of image
  • Docker file permission php on Mac OS with docker-compose && dockerfile
  • Docker install in user home
  • Where to find more explicit errors given container error status codes?
  • How to use nginx with docker as a reverse proxy
  • 4 Solutions collect form web for “Docker complains about invalid certificate after update to v1.7.0”

    This is a known issue introduced in version 1.7.0 of boot2docker: https://github.com/boot2docker/boot2docker/issues/824

    Update to boot2docker 1.7.1

    Updating to boot2docker 1.7.1 fixes this issue, as described here.

    Options for boot2docker 1.7.0

    It seems to be related to the way the network interfaces are coming up during boot. The following options can be used to fix this.

    Option 1

    The fix is to run the following sequence, which adds code to wait for all network interfaces to be present:

    boot2docker ssh
    sudo curl -o /var/lib/boot2docker/profile https://gist.githubusercontent.com/garthk/d5a17007c277aa5c76de/raw/3d09c77aae38b4f2809d504784965f5a16f2de4c/profile
    sudo halt
    boot2docker up
    

    Source (and more details on the code that is downloaded): https://gist.github.com/garthk/d5a17007c277aa5c76de

    This has fixed the issue for me, although I had to stop the boot2docker-vm through the VirtualBox UI to get a clean start.

    The Gist adds the following to the .profile file in the boot2docker VM:

    wait4eth1() {
            CNT=0
            until ip a show eth1 | grep -q UP
            do
                    [ $((CNT++)) -gt 60 ] && break || sleep 1
            done
            sleep 1
    }
    wait4eth1
    

    This function waits up to 1 minute for the eth1 interface to come up.

    Option 2

    Another option seems to be to do

    boot2docker delete
    boot2docker init
    boot2docker up
    

    This will destroy the boot2docker VM – you might lose any customizations you have done.

    Simply running this command fixes the issue for me. This was suggested by a Docker employee via GitHub.

    boot2docker ssh sudo /etc/init.d/docker restart

    Unfortunately it needs to be run each time you start boot2docker.

    I’ve found the following “easy” alternative to work. Use a shell alias:

    alias docker="docker --tlsverify=false"
    

    Thanks to Mark Duncan.

    From the troubleshooting guide:

    docker-machine regenerate-certs default
    
    docker-machine restart default
    

    And then you’re good to go, just run this as usual

    eval $(docker-machine env default)
    
    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.