Certificate issues when pushing and pulling images

If TLS is not properly configured, you are likely to encounter an x509: certificate signed by unknown authority error when attempting to run the following commands:

  • docker login

  • docker push

  • docker pull

To resolve the issue:

Verify that your MSR instance has been configured with your TLS certificate Fully Qualified Domain Name (FQDN). For more information, refer to Add a custom TLS certificate.

Alternatively, but only in testing scenarios, you can skip using a certificate by adding your registry host name as an insecure registry in the Docker daemon.json file:

{
    "insecure-registries" : [ "registry-host-name" ]
}