dockerhub registery: x509: certificate signed by unknown authority

I’ve spend hours looking to solve this issue, however I’m unable to find any topics related to this issue, since all I find is custom registeries.
When running any of the docker commands that connect to docker hub, either through https://registry-1.docker.io/v2/ or https://index.docker.io/v1, all requests end up in “x509: certificate signed by unknown authority”. However using curl to run query the same endpoints seem to function just fine.

I’ve reinstalled docker completely, purging all configuration files, however it does not seem to make a difference.

  • I want to share code content across several containers using docker-compose volume directive
  • How can I get a container running again, that has stopped now but was running before
  • Docker on embedded systems, why not?
  • docker, where is the aufs root for the docker container
  • Extending local Dockerfile
  • Gitlab CI - Use docker image offline
  • Anything I’m missing?

    docker info:

    Containers: 0
     Running: 0
     Paused: 0
     Stopped: 0
    Images: 0
    Server Version: 17.05.0-ce
    Storage Driver: overlay2
     Backing Filesystem: extfs
     Supports d_type: true
     Native Overlay Diff: true
    Logging Driver: json-file
    Cgroup Driver: cgroupfs
    Plugins: 
     Volume: local
     Network: bridge host macvlan null overlay
    Swarm: inactive
    Runtimes: runc
    Default Runtime: runc
    Init Binary: docker-init
    containerd version: 9048e5e50717ea4497b757314bad98ea3763c145
    runc version: 9c2d8d184e5da67c95d601382adf14862e4f2228
    init version: 949e6fa
    Security Options:
     seccomp
      Profile: default
    Kernel Version: 4.9.35-1-lts
    Operating System: Arch Linux
    OSType: linux
    Architecture: x86_64
    CPUs: 8
    Total Memory: 15.34GiB
    ID: 5Q4D:TLJF:3I3U:O522:VQMK:24BU:H5ND:UPOU:MWYS:WGTB:XFXR:BQES
    Docker Root Dir: /var/lib/docker
    Debug Mode (client): false
    Debug Mode (server): false
    Registry: https://index.docker.io/v1/
    Experimental: false
    Insecure Registries:
     127.0.0.0/8
    Live Restore Ena
    

    Using docker:

    [user@hostname]$ docker search ubunut
    Error response from daemon: Get https://index.docker.io/v1/search?q=ubunut&n=25: x509: certificate signed by unknown authority
    

    Using curl:

    [user@hostname]$ curl -v  https://index.docker.io/v1/search?q=ubunut&n=25
    [1] 2152
    [user@hostname]$ *   Trying 34.200.194.233...
    * TCP_NODELAY set
    * Connected to index.docker.io (34.200.194.233) port 443 (#0)
    * ALPN, offering h2
    * ALPN, offering http/1.1
    * Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
    * successfully set certificate verify locations:
    *   CAfile: /etc/ssl/certs/ca-certificates.crt
      CApath: none
    * TLSv1.2 (OUT), TLS handshake, Client hello (1):
    * TLSv1.2 (IN), TLS handshake, Server hello (2):
    * TLSv1.2 (IN), TLS handshake, Certificate (11):
    * TLSv1.2 (IN), TLS handshake, Server key exchange (12):
    * TLSv1.2 (IN), TLS handshake, Server finished (14):
    * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
    * TLSv1.2 (OUT), TLS change cipher, Client hello (1):
    * TLSv1.2 (OUT), TLS handshake, Finished (20):
    * TLSv1.2 (IN), TLS handshake, Finished (20):
    * SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
    * ALPN, server did not agree to a protocol
    * Server certificate:
    *  subject: OU=GT98568428; OU=See www.rapidssl.com/resources/cps (c)15; OU=Domain Control Validated - RapidSSL(R); CN=*.docker.io
    *  start date: Mar 19 17:34:32 2015 GMT
    *  expire date: Apr 21 01:51:52 2018 GMT
    *  subjectAltName: host "index.docker.io" matched cert's "*.docker.io"
    *  issuer: C=US; O=GeoTrust Inc.; CN=RapidSSL SHA256 CA - G3
    *  SSL certificate verify ok.
    > GET /v1/search?q=ubunut HTTP/1.1
    > Host: index.docker.io
    > User-Agent: curl/7.54.1
    > Accept: */*
    > 
    < HTTP/1.1 200 OK
    < Server: nginx/1.6.2
    < Date: Wed, 05 Jul 2017 12:10:22 GMT
    < Content-Type: application/json
    < Transfer-Encoding: chunked
    < Vary: Cookie
    < X-Frame-Options: SAMEORIGIN
    < Strict-Transport-Security: max-age=31536000
    < 
    {"num_pages": 1, "num_results": 21, "results": [{"is_automated": true, "name": "han4wluc/try-docker-ubunut-node", "is_trusted": true, ... *truncated*
    

  • Understanding the add command on dockerfile for Ubuntu
  • How to mount host directory in docker container using remote api
  • HTTP status: 500 error on docker pull using docker-machine
  • `initialize': the scheme postgres does not accept registry part: postgres:@ (or bad hostname?) (URI::InvalidURIError) with Docker
  • Error after importing JDL using jhipster with docker
  • Nginx + dnsmasq = 'could not be resolved (5: Operation refused)'
  • Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.