On Mon, Nov 11, 2019 at 1:17 AM Joel Pearson <japear...@agiledigital.com.au> wrote:
> Hi, > > I’m trying to build an image in Openshift 4.2 where my internet has an > MITM proxy. > > So trying to pull docker images fails during the build with x509 errors. > > Is there a way to provide extra trusted CA certificates to the builder? > Did you supply additional CAs via the proxy configuration? Those should be picked up by the builder automatically when it is pulling images and I think it'd be a bug if you configured that and it's not working: https://docs.openshift.com/container-platform/4.2/networking/enable-cluster-wide-proxy.html#nw-proxy-configure-object_config-cluster-wide-proxy Barring that, you can also supply additional CAs for trusting registries (which in the case of your MITM proxy should also be effective) via the image config resource: https://docs.openshift.com/container-platform/4.2/openshift_images/image-configuration.html#images-configuration-insecure_image-configuration > > Pulling image registry.redhat.io/ubi7-minimal:7.7 ... > > Warning: Pull failed, retrying in 5s ... > > Warning: Pull failed, retrying in 5s ... > > Warning: Pull failed, retrying in 5s ... > > error: build error: failed to pull image: After retrying 2 times, Pull > image still failed due to error: while pulling "docker:// > registry.redhat.io/ubi7-minimal:7.7" as " > registry.redhat.io/ubi7-minimal:7.7": Error initializing source docker:// > registry.redhat.io/ubi7-minimal:7.7: pinging docker registry returned: > Get https://registry.redhat.io/v2/: x509: certificate signed by unknown > authority > > Thanks, > > Joel > > -- > Kind Regards, > > Joel Pearson > Agile Digital | Senior Software Consultant > > Love Your Software™ | ABN 98 106 361 273 > p: 1300 858 277 | m: 0405 417 843 <0405417843> | w: agiledigital.com.au > _______________________________________________ > users mailing list > users@lists.openshift.redhat.com > http://lists.openshift.redhat.com/openshiftmm/listinfo/users > -- Ben Parees | OpenShift
_______________________________________________ users mailing list users@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/users
