You are not logged in.
- Topics: Active | Unanswered
#1 2018-06-20 20:17:41
- nobled
- Member
- From: Pleasant Grove, Utah
- Registered: 2013-04-06
- Posts: 14
[sovled] Install a new CA Cert
My company requires us to install a CA cert for our docker registry and I can't figure out how. I found some old instructions here: https://www.archlinux.org/news/ca-certificates-update/ and tried that.
I put the .crt file in /etc/ca-certificates/trust-source/anchors/, ran sudo trust extract-compat, and then restarted the docker daemon and I still get the error x509: certificate signed by unknown authority
Does anyone know what I need to do to install the CA .crt file?
Thanks
Edit:
So I'm an idiot. The method outlined above works, you just have to be using the right .crt file for the server...
Last edited by nobled (2018-06-20 23:43:31)
Offline
#2 2018-06-20 22:30:45
- progandy
- Member
- Registered: 2012-05-17
- Posts: 5,192
Re: [sovled] Install a new CA Cert
Arch uses the script update-ca-trust in a pacman hook to update the trust database after installing e.g. ca-certificates-cacert.
You can try to use sudo update-ca-trust.
Otherwise look into where docker allows you to store certificates: https://docs.docker.com/engine/security/certificates/
| alias CUTF='LANG=en_XX.UTF-8@POSIX ' |
Offline
#3 2018-06-20 23:19:37
- nobled
- Member
- From: Pleasant Grove, Utah
- Registered: 2013-04-06
- Posts: 14
Re: [sovled] Install a new CA Cert
I tried running sudo update-ca-trust and restarting docker but that didn't help either. Where does that script read the .crt files from?
Offline