Hi Eugene,
I myself don't know of a way to update the root CA, I think node
programs (which is what imgadm uses) include the certs in the binary
itself (using static linking).
If you are using imgadm you can set the IMGADM_INSECURE environment
variable as a workaround:
IMGADM_INSECURE=1 imgadm import thedockerimage
Cheers,
Todd
On 2018-04-18 4:01 AM, Eugene Lee wrote:
Hi,
Is it possible to update the root CA certificate files installed in
SmartOS? I am trying to download an image from a private docker
registry but the SSL certificate I have installed on the private
docker registry is not recognised. It is not a Self Signed
certificate, but it is issued by Comodo. The error I get is imgadm
import: error: UNABLE_TO_VERIFY_LEAF_SIGNATURE
Running a CURL command gives: - SSL certificate problem: unable to get
local issuer certificate
I know the certificate is fine as I have tested the docker
registry URL through a browser and the certificate shows as valid. I
have also seen the same CURL error on a different Ubuntu host, but
once I updated the ca-certificates.crt file on that host with the
certificate bundle I got with the certificate, then CURL works fine as
well. But I dont know if this is possible on the SmartOS host given
the readonly nature of the system?
Thanks,
Eugene
*smartos-discuss* | Archives
<https://www.listbox.com/member/archive/184463/=now> | Modify
<https://www.listbox.com/member/?&;>
Your Subscription [Powered by Listbox] <http://www.listbox.com>
-------------------------------------------
smartos-discuss
Archives: https://www.listbox.com/member/archive/184463/=now
Modify Your Subscription:
https://www.listbox.com/member/?member_id=25769125&id_secret=25769125-7688e9fb
Powered by Listbox: http://www.listbox.com
