apocas / docker-modem

Docker Remote API network stack driver.
Apache License 2.0
234 stars 112 forks source link

DOCKER_TLS_VERIFY automatically enabled even without any config #110

Open bwateratmsft opened 5 years ago

bwateratmsft commented 5 years ago

Originally opened by @sureshsankaran in https://github.com/microsoft/vscode-docker/issues/1169

Test setup: Docker extension version - Alpha version built from source code as it is on July 27, 2019. Docker engine on remote machine - 18.03 version

I was trying to connect to remote docker engine by setting config parameters corresponding to DOCKER_HOST and DOCKER_CERT_PATH. Didn't set any value for "DOCKER_TLS_VERIFY" associated setting. Now the extension throws the error saying invalid server certificate, mismatched common name in the cert. I understand that the IP address used to connect to the docker engine is different from the one present in ssl cert common name. But this is the expected behavior with DOCKER_TLS_VERIFY=1. But why i am getting this error without even setting VERIFY=1.

Expected behavior: Extension should successfully connect to the remote docker engine without having to verify the server ssl cert.