-
Notifications
You must be signed in to change notification settings - Fork 522
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
DOCKER_TLS_VERIFY automatically enabled even without any config #1169
Comments
We leverage
Are you using port
|
Yes i am using port 2376 with https tls. Issue here is to support the client mode where we don't verify server certificate. Like third bullet point of client modes in this snapshot. |
As this is a limitation of docker-modem, I have copied this issue there: apocas/docker-modem#110 |
Test setup:
Docker extension version - Alpha version built from source code as it is on July 27, 2019.
Docker engine on remote machine - 18.03 version
I was trying to connect to remote docker engine by setting config parameters corresponding to
DOCKER_HOST and DOCKER_CERT_PATH. Didn't set any value for "DOCKER_TLS_VERIFY" associated setting. Now the extension throws the error saying invalid server certificate, mismatched common name in the cert. I understand that the IP address used to connect to the docker engine is different from the one present in ssl cert common name. But this is the expected behavior with DOCKER_TLS_VERIFY=1. But why i am getting this error without even setting VERIFY=1.
Expected behavior:
Extension should successfully connect to the remote docker engine without having to verify the server ssl cert.
The text was updated successfully, but these errors were encountered: