As per my corporate policies, we are using windows 7, with privileged access (subset of admin rights) on the machine.
I have installed docker toolbox however when its time to pull images from Docker hub of companies Artifactory i was getting issues because of HTTPS and proxy.
I finally figured this out on how properly to set-up docker toolbox on windows 7 behind corporate proxy with HTTPS certs.
Following are the steps
- Install Docker Toolbox
- After installation, go to C:/Users//.docker/machine/machine/default and open config.json. If you do not have that folder, then please open "Docker Quickstart Terminal" from your desktop to create a virtual box docker-machine for yourself.
- Add the following lines under
{ "HostOptions": { ... "EngineOptions": { ... "Env": [ "HTTP_PROXY=http://<username>:<pwd>@<host>:<port>", "HTTPS_PROXY=http://<username>:<pwd>@<host>:<port>", "NO_PROXY=<docker-machine ip>" ], } } }
Please note the http in HTTPS_PROXY. 4. After the above step, you need to install the company certs 5. Get the set of corporate root certificates, which should be installed in your corporate-configured browser. In Chrome, you can go to Settings, click Show advanced settings, and scroll down to HTTPS/SSL, where you can choose Manage Certificates. My organization has put them in Trusted Root Cerftification Authorities and named them after the organization. Export each (I have two), one at a time, making sure to choose DER format.
- Once you have them saved to a known location, you will want to convert them to PEM format. The easiest way I found to do this was to run the openssl.exe[1] command from within the Docker Quickstart Terminal.
openssl x509 -inform der -in certificate.cer -out certificate.pem
Once you have the .pem files, you will want to copy them to a location to which your Docker machine has access. I made a directory in c:\Users\my.username\certs and copied them there.
This step may not be strictly necessary, but it's what I did, and it works. You will want to copy those certificates into your boot2docker partition, which is persistent. I am connecting to my default machine, which IS something you will need to do for Step 5.
MINGW64:$ docker-machine ssh default
docker@default:~$ sudo -s root@default:/home/docker# mkdir /var/lib/boot2docker/certs root@default:/home/docker# cp /c/Users/my.username/certs/*.pem /var/lib/boot2docker/certs/
Now it's time to write a bootlocal.sh script, which will copy the certificates to the proper location each time the system starts.[2] If you haven't already, open an SSH connection to the machine, per Step 4.
touch /var/lib/boot2docker/bootlocal.sh && chmod +x /var/lib/boot2docker/bootlocal.sh vi /var/lib/boot2docker/bootlocal.sh Insert the following and save the file:
!/bin/sh
mkdir -p /etc/docker/certs.d && cp certs/certificate.pem /etc/docker/certs.d
Restart the machine, either by using the reboot command from within the machine, or by using the docker-machine command from the Docker terminal:
docker-machine restart default
Now you should be able to run 'hello-world' and others. I hope this helps.
Ref: Docker on Windows (Boot2Docker) - certificate signed by unknown authority error
I recently faced same problem and was able to fix the problem with below steps. As suggested in the official docker documentation
First, stop and delete the default docker-machine if it is already created
docker-machine stop default docker-machine rm default
where 'default' is the default name of docker-machine.
After deletion create docker-machine with the proxy setting:
docker-machine create -d virtualbox --engine-env HTTP_PROXY=http://example.com:8080 --engine-env HTTPS_PROXY=https://example.com:8080 --engine-env NO_PROXY=example2.com default
This solution absolutely works fine for me.
I solved this problem by adding a trailing backslash ("/") to the end of the proxy URL in the proxy settings in the config.json file.
来源:https://stackoverflow.com/questions/53038332/setup-docker-toolbox-behind-proxy-on-windows