
Docker TLS verification fails for self-signed certificate

Open crash-g opened this issue 6 years ago • 1 comments

I have problems trying to use TLS verification.

Minimal failing example:

use shiplift::Docker;
use tokio::prelude::Future;
use hyper::Uri;

fn main() {
    let uri = "https://localhost:2376".parse::<Uri>().unwrap();
    let docker = Docker::host(uri);
    tokio::run(
        docker
            .info()
            .map(|info| println!("info {:?}", info))
            .map_err(|e| eprintln!("Error: {}", e)),
    );
}

Before running the example, set DOCKER_CERT_PATH and leave DOCKER_TLS_VERIFY unset:

export DOCKER_CERT_PATH=<path-to-client-cert-and-key>

The output is:

Docker Error: error trying to connect: the handshake failed: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed:s3_clnt.c:1264:: self signed certificate

The corresponding call made with Docker client works without problems:

docker -H tcp://localhost:2376 --tls --tlscert=<path-to-cert-pem> --tlskey=<path-to-key-pem> info

Question: is https correct in https://localhost:2376? I've tried with tcp but it complains about invalid HTTP version parsed.

crash-g avatar May 31 '19 15:05 crash-g
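The settings from the report above mapped to a TLS plan, as an added std-only example that is not code from shiplift or from the issue author. It assumes `--tls` without `--tlsverify` leaves the daemon's certificate unverified (consistent with the CLI call in the report succeeding), that a non-empty `DOCKER_TLS_VERIFY` means verifying against `ca.pem` in `DOCKER_CERT_PATH`, and the default file names `cert.pem` and `key.pem`; `TlsPlan`, `ServerCheck` and `plan` are hypothetical names.

```rust
use std::path::{Path, PathBuf};

/// How the client treats the daemon's certificate.
#[derive(Debug, PartialEq)]
enum ServerCheck {
    /// Assumed `docker --tls` behaviour: client cert is sent, server cert is not verified.
    Unverified,
    /// Assumed `--tlsverify` / DOCKER_TLS_VERIFY behaviour: chain must end in this CA file.
    PinnedCa(PathBuf),
}

#[derive(Debug, PartialEq)]
struct TlsPlan {
    url: String,
    cert: PathBuf,
    key: PathBuf,
    server: ServerCheck,
}

/// Hypothetical helper: derive a TLS plan from a DOCKER_HOST-style endpoint,
/// DOCKER_CERT_PATH and DOCKER_TLS_VERIFY (None = unset).
fn plan(host: &str, cert_path: &str, tls_verify: Option<&str>) -> Result<TlsPlan, String> {
    // An HTTP client needs an https:// URL; the CLI spells the same endpoint tcp://.
    let authority = host
        .strip_prefix("tcp://")
        .or_else(|| host.strip_prefix("https://"))
        .ok_or_else(|| format!("unsupported scheme for TLS: {}", host))?;
    if authority.is_empty() {
        return Err("missing host:port".to_string());
    }
    let dir = Path::new(cert_path);
    // Assumption: an empty DOCKER_TLS_VERIFY counts as unset.
    let server = match tls_verify {
        Some(v) if !v.is_empty() => ServerCheck::PinnedCa(dir.join("ca.pem")),
        _ => ServerCheck::Unverified,
    };
    Ok(TlsPlan {
        url: format!("https://{}", authority),
        cert: dir.join("cert.pem"),
        key: dir.join("key.pem"),
        server,
    })
}

fn main() {
    // Constructed inputs mirroring the report; /certs is a placeholder directory.
    println!("{:?}", plan("tcp://localhost:2376", "/certs", None));
    println!("{:?}", plan("https://localhost:2376", "/certs", Some("1")));
}
```

For a daemon with a self-signed certificate, the `PinnedCa` case keeps server verification on and anchors it to the CA file in the certificate directory instead of the system trust store.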

I'm also facing this issue unfortunately

mfirry avatar Jul 15 '19 12:07 mfirry