I am trying to deploy a docker registry in my server to manage our images. I have created it with TLS authentication.
When I run command docker login -u username [registry_domain]:[port]
in localhost docker login is successful.
When I'm running the same command from another machine I get:
Error response from daemon: Get [registry_domain]:[port] x509: certificate signed by unknown authority
I have added the file /etc/docker/daemon.json
with the next line, but it only solved the problem for localhost
{ "insecure-registries": ["registry:8443"] }
When checking the logs for the registry I can see the error:
http: TLS handshake error from [remoteComputerIp]: remote error: tls: bad certificate
Has anyone encountered this situation? Or maybe could point me to the right direction? Can't seem to find a solution for this
Found the solution.
In order to get the remote machines to be able to login to my registry, I had to copy the client.crt
I generated when creating the registry into the default machine I was connecting from. This is because I was signing the certificates myself.
You can ssh into it by using docker-machine ssh [name of the machine]
(in my case name was "default")
You copy the certificate to /etc/docker/certs.d/<registry-domain>:<port>/ca.crt
No need to restart anything. Once its working you can easily test by using the command docker login -u username <registry-domain>:<port>