docker / machine

Machine management for a container-centric world
https://docs.docker.com/machine/
Apache License 2.0

docker-machine not working behind certificate tampering firewall (severe cert hurt) #1536

Open tgoeke opened 9 years ago

tgoeke commented 9 years ago

Running an image behind a corporate firewall that hacks the TLS certificate causes "docker run" to fail when pulling the image.

docker run -ti ubuntu /bin/bash
Unable to find image 'ubuntu:latest' locally
latest: Pulling from ubuntu
83e4dde6b9cf: Pulling fs layer
83e4dde6b9cf: Error pulling dependent layers
29460ac93442: Pulling fs layer
d2a0ecffe6fa: Layer already being pulled by another client. Waiting.
d2a0ecffe6fa: Error pulling image (latest) from ubuntu, Server error: Status 0 while fetching image layer (83e4dde6b9cfddf46b75a07ec8d65ad87a748b98cf27de7d5b3298c1f3455ae4)
Error pulling image (latest) from ubuntu, Server error: Status 0 while fetching image layer (83e4dde6b9cfddf46b75a07ec8d65ad87a748b98cf27de7d5b3298c1f3455ae4)

All attempts to add the corporate certificate to the local machine have failed since docker 1.5. (Currently using docker-machine 0.3.0 and docker 1.7.1 with VMware Fusion.)

It would be great to have an official procedure or even support for easily adding the corp certs.

ehazlett commented 9 years ago

This is probably because it's pulling from the engine and not your local host. You could try to add them to the engine (Fusion VM).

tgoeke commented 9 years ago

Thanks for the suggestion, it's right on, but we already tried that.

To further test the issue, I have a vagrant setup that uses Ubuntu 14.04 to set up a docker environment in VMware Fusion. We append the corporate certs to "/etc/ssl/certs/ca-certificates.crt", restart docker, everything works (on the same laptop).

I also appended the certs to "/etc/ssl/certs/ca-certificates.crt" on the boot2docker VM, and then did a "docker-machine restart", but it didn't work. (Same error, only now it's super slow.)

Furthermore, even if it had worked, we would have to do it all the time for every new machine, so it would be nice to have an easy way to set this up, like an "--evil-corp-certs=~\certs" option to pass in the certs and put them in the right place.
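The manual step described in the comment above (append the corporate CA to the engine VM's bundle, then restart docker) is easy to get wrong when repeated for every new machine: the cert gets appended twice, or glued onto the previous END line. The script below is an added example, not code from docker/machine or from the commenter; it adds a PEM certificate to a bundle only if that certificate's body is not already there, and reports how many certificates the bundle holds so the change can be checked. Paths and the demo fixture are constructed for illustration, and the restart is left to the usage note.

```shell
#!/bin/sh
# Added example (not docker/machine project code): idempotently append a
# corporate CA certificate to a CA bundle such as /etc/ssl/certs/ca-certificates.crt.
# The demo fixture below is constructed PEM-shaped text, not a real certificate.

# Print the base64 body of the first PEM certificate in a file with all
# whitespace removed, so two copies of the same certificate compare equal.
pem_body() {
  sed -n '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/p' "$1" \
    | grep -v 'CERTIFICATE-----' | tr -d ' \t\r\n'
}

# Number of certificates in a bundle (0 if the file does not exist yet).
count_certs() {
  if [ -f "$1" ]; then
    grep -c 'BEGIN CERTIFICATE' "$1" || true   # grep exits 1 on zero matches
  else
    echo 0
  fi
}

# add_ca_to_bundle CERT.pem BUNDLE.crt
# Appends the certificate unless an identical body is already in the bundle.
add_ca_to_bundle() {
  cert="$1"; bundle="$2"
  body=$(pem_body "$cert")
  if [ -z "$body" ]; then
    echo "add_ca_to_bundle: no PEM certificate found in $cert" >&2
    return 1
  fi
  # Compare against the whitespace-stripped bundle so line wrapping differences
  # do not cause a duplicate append.
  if [ -f "$bundle" ] && tr -d ' \t\r\n' < "$bundle" | grep -q -F "$body"; then
    echo "already present: $cert"
    return 0
  fi
  # Ensure the bundle ends with a newline; otherwise the new BEGIN line would
  # be glued onto the previous END line and the bundle would fail to parse.
  if [ -s "$bundle" ] && [ $(( $(tail -c 1 "$bundle" | wc -l) )) -eq 0 ]; then
    printf '\n' >> "$bundle"
  fi
  sed -n '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/p' "$cert" >> "$bundle"
  echo "appended: $cert"
}

# Demo on a throwaway bundle: run with ADD_CA_DEMO=1 sh add_ca.sh
demo() {
  dir=$(mktemp -d)
  bundle="$dir/ca-certificates.crt"
  # Constructed fixture (hypothetical corp CA), not a real certificate.
  printf '%s\n' '-----BEGIN CERTIFICATE-----' 'Q09SUENFUlQx' '-----END CERTIFICATE-----' > "$dir/corp.pem"
  add_ca_to_bundle "$dir/corp.pem" "$bundle"
  add_ca_to_bundle "$dir/corp.pem" "$bundle"      # second call is a no-op
  echo "certificates in bundle: $(count_certs "$bundle")"
  rm -rf "$dir"
}

if [ "${ADD_CA_DEMO:-0}" = 1 ]; then
  demo
fi
```

On the Ubuntu VM from the comment the call would be `add_ca_to_bundle corp-ca.pem /etc/ssl/certs/ca-certificates.crt` followed by `sudo service docker restart`, which is the step the comment describes; on Debian/Ubuntu the more durable route is to drop the `.crt` into `/usr/local/share/ca-certificates/` and run `update-ca-certificates`, since that tool regenerates the bundle and would otherwise overwrite a hand-edited file. A caveat for the boot2docker case in the comment: boot2docker runs from a RAM-backed root filesystem, so edits outside `/var/lib/boot2docker` do not survive a `docker-machine restart`, which is one reason appending to the bundle there can appear to have no effect.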

wallnerryan commented 9 years ago

+1

gbivins commented 9 years ago

+1 This has been our biggest barrier to entry with docker... Corp firewall. We worked around it with boot2docker but I'm having trouble getting it going with the new tools

ChrisPearce commented 9 years ago

+1