Login into a Docker Repository with an invalid certificate
I wanted to write a quick tutorial about how to push a docker image into an insecure Docker repository. By insecure Docker repository, I mean a site with SSL with either an expired or invalid certificate. In summary, if you try to do the next:
docker login my-docker-repository.com
And it fails with:
x509: certificate signed by unknown authority
Then, continue reading because you will find an easy and straigh forward solution.
Solution
Docker does not allow to login or push images into a site with invalid certificates. There are a few workarounds to create a temporal certificate in local. However, another easier solution is using podman.
As a very brief summary, podman is a docker client for Linux systems developed by Red Hat. Oh wait, do we need to install a tool? Next!! Wait wait! We don’t need to install anything, just use Docker!
- Run a container with Podman already installed:
docker run -it --net=host ringingmountain/podman /bin/bash
We can map the volumes or create the Dockerfile directly inside the container. |
- Login using Podman
podman login --tls-verify=false my-docker-repository.com
The trick in podman is to use the tls-verify flag to not verify the certificate.
- Create the image, push or do whatever we wanted to do at first with the Docker repository
podman build --tls-verify=false -t myimage .
podman tag myimage:latest my-docker-repository.com/layout/myimage:7.6.0-2
podman push --tls-verify=false my-docker-repository.com/layout/myimage:7.6.0-2
And that’s all! :)