docker-machine create fails with "x509: certificate signed by unknown authority"

[jhalterman]

docker-machine create fails with a certificate error. I've seen similar issues when using private repos, but I'm using the default/public repo here. I'm running OSX Yosemite (10.10.5).

$ docker-machine create --driver virtualbox dev
Running pre-create checks...
(dev) Unable to get the latest Boot2Docker ISO release version:  Get https://api.github.com/repos/boot2docker/boot2docker/releases/latest: x509: certificate signed by unknown authority

Stats:

$ docker -v
Docker version 1.11.2, build b9f10c9
$ docker-machine -v
docker-machine version 0.7.0, build a650a40

[mirkoebert]

Same problem.

$dm -version
docker-machine version 0.8.0, build b85aac1
$ docker --version
Docker version 1.12.0, build 8eab29e

[zhanghan177]

anything similar to moby/moby#12756?

[joelpresence]

I am also seeing this ... Any fix?

[rdeavila]

I'm seeing this error a lot of times per day: while creating machines, on SSH'ing a created machine, deleting machines... and so on. In most cases, repeat the command works, but not always. But is always the same error:

Post https://ec2.us-east-1.amazonaws.com/: x509: certificate signed by unknown authority

Docker for Mac, version 1.13.0, build 49bf474. docker-machine version 0.9.0, build 15fd4c7

[songweijia]

Same problem here. I installed docker-machine on a mac and have a linux box(jumper) installed with docker engine. The linux docker-engine is protected by a self-created CA, which had been added to mac's keychain store and set as "trusted".

"curl https://jumper:2376/v1.15/version" runs without problem:
{"Version":"1.13.0","ApiVersion":"1.25","MinAPIVersion":"1.12","GitCommit":"49bf474","GoVersion":"go1.7.3","Os":"linux","Arch":"amd64","KernelVersion":"3.13.0-46-generic","BuildTime":"2017-01-17T09:50:17.871838842+00:00"}

But "docker-machine create --engine-insecure-registry "jumper" --driver none --url=tcp://jumper:2376 jumper" does not work...
Unable to query docker version: Get https://jumper:2376/v1.15/version: x509: certificate signed by unknown authority

Docker for Mac, version 1.13.0, build 49bf474
docker-machine version 0.9.0, build 15fd4c7

[jachinte]

This is what worked for me (from distribution/distribution#1731 (comment)):

$ mkdir certs
$ openssl req -newkey rsa:4096 -nodes -sha256 -keyout certs/dockerrepo.key -x509 \
    -days 365 -out certs/dockerrepo.crt -subj /CN=local-registry

And then

docker-machine create --driver virtualbox default

[ghost]

@jachinte under which patch the mkdir certs should be executed?

[jachinte]

@vyscond I didn't know either, so I created it in my home directory. It just worked after that.

[ghost]

@jachinte Holly cow. Indeed it worked! Thanks for sharing :D

[randalvance]

@jachinte It worked for me too.

I only encountered this in Windows 7. Perfectly fine in Windows 10.

[ajoybhatia]

@jachinte The solution did not work for me, though. I get the same error message on running 'docker-machine create ...'. Is this an existing Docker bug?

[mathewkbejoy]

Downloading the iso from https://github.com/boot2docker/boot2docker/releases/download/v18.06.1-ce/boot2docker.iso and moving it to ~/.docker/machine/cache seems to work