URGENT SUPPORT
NONURGENT SUPPORT

wesupport

CLIENT AREA
1-800-383-5193

25% off on first invoice for all services*

SPRING SALE

CHAT WITH US

Use coupon

*Offer valid for new customers only

25% off on first invoice for all services*

SPRING SALE

CHAT WITH US

Use coupon

*Offer valid for new customers only

Need help?

Our experts have had an average response time of 11.43 minutes in March 2024 to fix urgent issues.
GET HELP RIGHT NOW

We will keep your servers stable, secure, and fast at all times for one fixed price.

SEE SUPPORT PLANS

Docker x509: certificate signed by unknown authority | Resolved

by | Dec 21, 2021

Docker x509: certificate signed by unknown authority resolved in a jiffy.

At Bobcares, we offer solutions for every query, big and small, as a part of our Server Management Service.

Let’s take a look at how our Support Team recently helped a customer with the Docker x509 error: certificate signed by unknown authority.

What is the Certificate signed by unknown authority error?

We have been receiving queries where our customers find themselves unable to login to docker after installing IBM Cloud Private. Interestingly, they do not have an issue prior to the installation. The following error response pops in these scenarios:

docker login mycluster.icp:8500
Username: admin
Password:
Error response from daemon: Get https://x.x.x.x:8500/v2/: x509: certificate signed by unknown authority

Docker x509: certificate signed by unknown authority

According to our Support Engineers, this specific error is due to upgrading the Docker client during ICP installation along with adding the ICP CA certificate.

How to resolve Docker x509: certificate signed by unknown authority error

In order to resolve this error, we have to import the CA certificate in use by the ICP into the system keystore. Then, we have to restart the Docker client for the changes to take effect. However, the steps differ for different operating systems.

For instance, for Redhat 7.7:

  1. First, we have to locate the CA certificate. We can find it in the /opt/ibm-cloud-private-3.2.0/cluster/cfc-certs/etcd/ca.pem location.
  2. Then, we will save a copy of the CA certificate in the system truststore directory. Then we will update the CA trust. 
    cp /opt/ibm-cloud-private-3.2.0/cluster/cfc-certs/etcd/ca.pem /etc/pki/ca-trust/source/anchors
update-ca-trust
  3. Finally, we will restart the Docker client with the following command: 
    sysctl restart docker

This ensures that we won’t run into this specific Docker error anymore.

[Looking for a solution to another query? We are just a click away.]

Conclusion

To sum up, the skilled Support Engineers at Bobcares demonstrated how to deal with the certificate signed by unknown authority error.

PREVENT YOUR SERVER FROM CRASHING!

Never again lose customers to poor server speed! Let us help you.

Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.

GET STARTED

Related posts:

  1. Iptables no chain/target/match by that name docker – Quick fix!
  2. Install Docker compose in CentOS 7 – Errors and fixes
  3. VMWare vCenter Self-Signed Certificate Warning – How to remove
  4. Docker image DNS lookup error: How to resolve

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

server management

Spend time on your business, not on your servers.

TALK TO US

Or click here to learn more.

Docker Support

Spend time on your business, not on your servers.

Managing a server is time consuming. Whether you are an expert or a newbie, that is time you could use to focus on your product or service. Leave your server management to us, and use that time to focus on the growth and success of your business.

TALK TO US Or click here to learn more.

Categories

Docker | Latest | Server Management

Tags

CA certificate | CA trust | certificate signed by unknown authority | Docker client | docker error | Docker x509 | Docker x509 certificate signed by unknown authority | IBM Cloud Private | ICP CA certificate | ICP installation | system keystore | system truststore directory