Last Updated: February 25, 2016
·
718
· argent-smith

Custom CA verification in docker-machine

Why?

You need to set up your custom docker registry but docker-machine's docker refuses to talk to your registry because of CA verification issues.

What?

We'll install your custom ca.crt into docker-machine instance.

How?

  1. Prepare your custom ca.crt
  2. ssh to docker-machine instance
  3. mkdir -p /var/lib/boot2docker/certs/your.registry.net
  4. echo "your ca cert text" > /var/lib/boot2docker/certs/your.registry.net/ca.crt
  5. Change (or create) /var/lib/boot2docker/bootlocal.sh to contain:
#!/bin/sh
mkdir -p /etc/docker/certs.d
cp -Rp /var/lib/boot2docker/certs/your.registry.net /etc/docker/certs.d

You may automate the whole process, of course. Finally you'll have a persistent ca.crt being copied to docker-machine's docker configs on every boot.