Introduction

In case you wanted to pull a container from Docker registry and experienced the error: “Error response from daemon: Get https://registry-1.docker.io/v2/: x509: certificate signed by unknown authority“, then we hope this guide will help you resolve the problem. We assume you have SSL Certificates ready because this will not cover the creation of SSL Certificates.

Step 1: Install ca-certificates

I’m working on a CentOS 7 server. So run the following command to install ca-certificates

sudo yum check-update ca-certificates; (($?==100)) && sudo yum update ca-certificates || sudo yum -y reinstall ca-certificates

Step 2: Create a directory in /etc/docker/certs.d

Docker recommends that we have to place certificates in /etc/docker/certs.d under a directory with the domain of the registry and port. In case you are using a private registry, please follow that style.

sudo mkdir -p /etc/docker/certs.d/registry-1.docker.io:443 

Step 3: Copy SSL Certificates

Now copy your SSL Certs to the created directory above

sudo cp CA.crt registry-1.docker.io:443/
sudo cp server.crt registry-1.docker.io:443/
sudo cp server.key registry-1.docker.io:443/ 

Step 4: Restart Docker

Once done with the certificates generation and population. restart the docker service.

sudo systemctl restart docker

And now you should be able to pull your images

$ sudo docker pull alpine
Using default tag: latest
latest: Pulling from library/alpine
89d9c30c1d48: Extracting [=============>                          ]  753.7kB/2.787MB

Cheers guys. You now have a working Docker Setup. Check more guides:

Best Books To learn Docker and Ansible Automation

Managing Docker Containers with Docker Compose

How To Dockerize Django Application With PostgreSQL Database

How To Dockerize a Django Application on Linux

How To Export and Import Docker Images / Containers

Install Harbor Docker Image Registry on CentOS / Debian / Ubuntu

Install Latest Docker Compose on Linux