Docker complains about invalid certificate after update to v1.7.0

After updating to Docker v1.7.0 (and also boot2docker), I’m getting the following error when running docker ps:

x509: certificate is valid for,, not

Is this a known issue with this version, and what can I do to fix this?

  • Dockerfile entrypoint not lunching on interactive mode
  • docker file not found
  • Connect to a docker host that is managed by dockercloud-agent
  • Capture output from attached docker container
  • Docker resource management and runtime configuration
  • .pgpass for PostgreSQL replication in Dockerized environment
  • docker container won't start because an existing pid file
  • Only receiving MQTT messages in interactive mode within a docker container
  • Elastic Beanstalk Multicontainer Docker Environments: redirect requests between 2 APIs
  • Why am I getting a docker container with no IPAddress?
  • Permisson error with mongo when running docker
  • operation not permitted Error response from daemon: Cannot start container System error: operation not permitted
  • 4 Solutions collect form web for “Docker complains about invalid certificate after update to v1.7.0”

    This is a known issue introduced in version 1.7.0 of boot2docker:

    Update to boot2docker 1.7.1

    Updating to boot2docker 1.7.1 fixes this issue, as described here.

    Options for boot2docker 1.7.0

    It seems to be related to the way the network interfaces are coming up during boot. The following options can be used to fix this.

    Option 1

    The fix is to run the following sequence, which adds code to wait for all network interfaces to be present:

    boot2docker ssh
    sudo curl -o /var/lib/boot2docker/profile
    sudo halt
    boot2docker up

    Source (and more details on the code that is downloaded):

    This has fixed the issue for me, although I had to stop the boot2docker-vm through the VirtualBox UI to get a clean start.

    The Gist adds the following to the .profile file in the boot2docker VM:

    wait4eth1() {
            until ip a show eth1 | grep -q UP
                    [ $((CNT++)) -gt 60 ] && break || sleep 1
            sleep 1

    This function waits up to 1 minute for the eth1 interface to come up.

    Option 2

    Another option seems to be to do

    boot2docker delete
    boot2docker init
    boot2docker up

    This will destroy the boot2docker VM – you might lose any customizations you have done.

    Simply running this command fixes the issue for me. This was suggested by a Docker employee via GitHub.

    boot2docker ssh sudo /etc/init.d/docker restart

    Unfortunately it needs to be run each time you start boot2docker.

    I’ve found the following “easy” alternative to work. Use a shell alias:

    alias docker="docker --tlsverify=false"

    Thanks to Mark Duncan.

    From the troubleshooting guide:

    docker-machine regenerate-certs default
    docker-machine restart default

    And then you’re good to go, just run this as usual

    eval $(docker-machine env default)
    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.