When working with a private Docker registry in a testing environment or on a private
network, you might choose not to use certificates issued by a well-known certificate
authority (CA). Using this type of certificate will require additional configurations on your
Docker client. More information on how to do this is available HERE .
Failure to set this up will result in an error similar to the following:
FATA[0000] Error response from daemon: v1 ping attempt failed with error: Get https://myregistrydomain.com:5000/v1/_ping: tls: oversized record received with length 20527.
If your private Docker registry only supports unknown CA certificates using HTTP or HTTPS,
add –insecure-registry myregistrydomain.com:5000 to your daemon’s arguments.
In the case of HTTPS, if you have access to the registry’s CA certificate, simply place it in
/etc/docker/certs.d/myregistrydomain.com:5000/ca.crt.
Published: Oct. 6, 2016
Last updated: Feb. 3, 2021
Keywords: Docker registry, certificate, self-signed