Docker registry with self signed cert?

(Basse) #1

I’m trying to connect an “External feed” -> “Docker registry” to a test server/setup which uses a self signed certificate.

An error occurred while sending the request. The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. The remote certificate is invalid according to the validation procedure.

How can I make Octopus server accept self signed certs?
I already tried to add the cert to the Windows machine key store (Trusted Root Certificate Authorities) but that didn’t help.

(Dean Malone) #2

Hi Basse,

Thanks for getting in touch.

The most likely reason for this error is because Octopus Server does not trust the self-signed certificate. The certificate needs to be imported into the Windows certificate store on your Octopus machine, as you have already done.

To verify this can you browse to your Docker registry over https from the Octopus Server machine without getting any SSL warnings?

Also can you confirm your Docker server DNS/hostname is correctly listed in the certificate either as Common Name (CN) or as Subject Alternate Name (SAN)?

Please let me know how you go with this, or if you have any further questions.

Regards,
Dean.

(system) closed #4