https://rancher.com/ logo
s

some-sandwich-85435

03/20/2023, 11:07 AM
on the Mac, I have a certificate for a docker registry on some Artifactory instance, but how do I let Rancher-Deskop use it?
f

fast-garage-66093

03/20/2023, 3:48 PM
Are you talking about client certs for authentication? If they are installed on your Mac under
~/.docker/certs.d
then they should automatically be used by Rancher Desktop. Can you provide more details on how you installed them?
s

some-sandwich-85435

03/21/2023, 10:16 AM
I have them in the Mac KeyChain app how could I install it in ~/.docker/certs.d ? just copy the file I got there?
it's a self singed certificate, and the error message I get is
Copy code
ERROR: failed to solve: artifactory.url/registy: failed to do request: Head "artifactory.url/registy/v2/baseimages/baseimage-u22/manifests/1674822304183": x509: certificate signed by unknown authority
so that is the actual problem
Copy code
x509: certificate signed by unknown authority
f

fast-garage-66093

03/22/2023, 4:31 PM
Do you have the root CA for your self-signed cert installed on your host as well? Rancher Desktop will import all root CAs from your keychain into the VM on startup. It is possible to do this manually too, but would be a bit more work, so just importing it into your keychain would be easier
s

some-sandwich-85435

03/23/2023, 7:42 AM
I have the cert file that is used in Images to access Artifactory, that works but I need to build the images FROM ubunut .... I wan to build it based on something in the Artifactory container registry, and that doe not work when accessing the registry, I get that error I use buildx to build intel images on M1, maybe it's related to that
I can do a docker pull, and get the image, but when I have FROM .... and use it in buildx, I get the error for the metadata on the https metadata request
Copy code
ERROR: failed to solve: artifactory.tobii.intra:7300/baseimages/baseimage-u22:1674822304183: failed to do request: Head "<https://artifactory.copmany:7300/v2/baseimages/baseimage-u22/manifests/1674822304183>": x509: certificate signed by unknown authority
f

fast-garage-66093

03/23/2023, 7:11 PM
Can you please file a Github issue about this, so we can try to repro the problem. Otherwise this thread will simply get lost in Slack history
s

some-sandwich-85435

03/26/2023, 6:20 AM
I tested with docker desktop, it has the same problem. Now I am unsure if this is a bug, or a 'strange' setup on the place where I use that. Could well be a bug, since they share a common code base (I am using moby) But also one of this special company setups which exists sometimes, and I have the only Mac using docker, and this project will soon be over, so I guess I will not be able to follow up on that one
83 Views