Ignore my last email. Read thru the replies too quickly.... On Wed, Apr 18, 2018 at 5:52 PM, Eugene Lee <eky_...@hotmail.com> wrote:
> Thanks Todd. I have tried that before but it didnt seem to work for me. > I did an export IMGADM_INSECURE=1 > Then typed env and verified it was set. Then ran imgadm but i still got > the error. Granted I am using the skylime version of smartos which has the > fix to allow imgadm to work with docker registry v2. Not sure if normal > build of smartos has this fix for v2 docker registry in place or not. > > Thanks > Eugene > ------------------------------ > *From:* Todd Whiteman <todd.white...@joyent.com> > *Sent:* Thursday, 19 April 2018 4:26:45 a.m. > *To:* smartos-discuss@lists.smartos.org > *Subject:* Re: [smartos-discuss] Update CA Bundle > > Hi Eugene, > > I myself don't know of a way to update the root CA, I think node programs > (which is what imgadm uses) include the certs in the binary itself (using > static linking). > > If you are using imgadm you can set the IMGADM_INSECURE environment > variable as a workaround: > > IMGADM_INSECURE=1 imgadm import thedockerimage > > Cheers, > Todd > > On 2018-04-18 4:01 AM, Eugene Lee wrote: > > Hi, > > > Is it possible to update the root CA certificate files installed in > SmartOS? I am trying to download an image from a private docker registry > but the SSL certificate I have installed on the private docker registry is > not recognised. It is not a Self Signed certificate, but it is issued by > Comodo. The error I get is imgadm import: error: UNABLE_TO_VERIFY_LEAF_ > SIGNATURE > > > Running a CURL command gives: - SSL certificate problem: unable to get > local issuer certificate > > > I know the certificate is fine as I have tested the docker registry URL > through a browser and the certificate shows as valid. I have also seen the > same CURL error on a different Ubuntu host, but once I updated the > ca-certificates.crt file on that host with the certificate bundle I got > with the certificate, then CURL works fine as well. But I dont know if > this is possible on the SmartOS host given the readonly nature of the > system? > > > Thanks, > > Eugene > > > *smartos-discuss* | Archives > <https://www.listbox.com/member/archive/184463/=now> | Modify > <https://www.listbox.com/member/?&> > Your Subscription <http://www.listbox.com> > -- ------------------------------------------- smartos-discuss Archives: https://www.listbox.com/member/archive/184463/=now Modify Your Subscription: https://www.listbox.com/member/?member_id=25769125&id_secret=25769125-7688e9fb Powered by Listbox: http://www.listbox.com