代理后面的Docker更改ssl证书 [英] Docker behind proxy that changes ssl certificate

问题描述

我正在尝试运行以下docker命令：

I am trying to run the following docker command:

docker run -i -t ubuntu /bin/bash

但是我收到错误：

Unable to find image 'ubuntu' (tag: latest) locally

Pulling repository ubuntu
2013/11/28 14:00:24 Get https://index.docker.io/v1/images/ubuntu/ancestry: x509: certificate signed by unknown authority

我知道我们公司即时替换了SSL证书，用于https请求。

I know that our company replaces the SSL Certificate on the fly for https requests.

我试图通过将公司的CA证书放在：

I tried to trust our company's CA certificate by putting it in:

 /etc/pki/tls/certs/ca-bundle.crt

和

/etc/pki/tls/cert.pem

但它仍然不起作用。

任何想法？

推荐答案

要配置docker使用代理系统，您首先需要添加HTTPS_PROXY / HTT P_PROXY环境变量到docker sysconfig文件。但是，根据您是否使用init.d或服务工具，您需要添加export语句。作为解决方法，您可以在docker的sysconfig文件中简单添加两种变体：

To configure docker to work with a proxy system you first need to add the HTTPS_PROXY / HTTP_PROXY environment variable to the docker sysconfig file. However depending on if you use init.d or the services tool you need to add the "export" statement. As a workaround you can simply add both variants in the sysconfig file of docker:

/etc/sysconfig/docker

HTTPS_PROXY="https://<user>:<password>@<proxy-host>:<proxy-port>"
HTTP_PROXY="https://<user>:<password>@<proxy-host>:<proxy-port>"
export HTTP_PROXY="https://<user>:<password>@<proxy-host>:<proxy-port>"
export HTTPS_PROXY="https://<user>:<password>@<proxy-host>:<proxy-port>"

$ b 。

To get docker working with ssl intercepting proxies you have to add the proxy root certificate to the systems trust store.

对于CentOS，将文件复制到/ etc / pki / ca-trust / source / anchors /并更新ca信任存储。之后再重新启动码头服务。
如果您的代理使用NTLM身份验证 - 有必要使用像cntlm这样的中间代理。
此博客文章详细解释

For CentOS copy the file to /etc/pki/ca-trust/source/anchors/ and update the ca trust store. Restart the docker service afterwards. If your proxy uses NTLM authentication - it's necessary to use intermediate proxies like cntlm. This blog post explains it in detail

这篇关于代理后面的Docker更改ssl证书的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！