Open in app

Sign in

Write

Sign in

cri-o/containerd: crictl pull x509: certificate signed by unknown authority error

Jbn1233
Dec 6, 2022

--

Just a few steps, no need to restart

# crictl pull reg01.home.net/ak/api-service:1.0
FATA[0000] pulling image: rpc error: code = Unknown desc = error pinging docker registry reg01.home.net: Get "https://reg01.home.net/v2/": x509: certificate signed by unknown authority 

# mkdir -p /etc/containers/certs.d/reg01.home.net
# openssl s_client -connect reg01.home.net:443  | openssl x509 > /etc/containers/certs.d/reg01.home.net/cert.crt


# crictl pull reg01.home.net/ak/api-service:1.0
Image is up to date for reg01.home.net/ak/api-service:1.0@sha256:83c55f8daacdd5a0fd2af77262e6268d610d0167b52dcd5b36715f0e53f7c3b1
Kubernetes

--

--

Jbn1233
Jbn1233

Written by Jbn1233

27 Followers
1 Following

Very short and simple notes for CKA/SRE and may not works on your environment | jbn1233@gmail.com | Bangkok, Thailand |

No responses yet

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams