ErrImagePull: x509: certificate signed by unknown authority

Quote from moshe on 10/01/2023, 4:12 pm

Problem

User gets the following error when running the command

kubectl describe pod rabbitmq-0 

ErrImagePull: x509: certificate signed by unknown authority

Solution

Run the following commands on the master node

Edit or create the file /etc/docker/daemon.json and add insecure-registries:

vi etc/docker/daemon.json

{
"insecure-registries": [
"repo.k8s.tracston.local",
"repo.k8s.tracston.local:443"
]
}

#Restart docker daemon

systemctl restart docker

Export the certificate file from the repository and import to docker

mkdir -p /etc/docker/certs.d/repo.k8s.tracston.local
mkdir -p /etc/docker/certs.d/repo.k8s.tracston.local:443

openssl s_client -showcerts -verify 5 -connect repo.k8s.tracston.local:443 < /dev/null 2>/dev/null | openssl x509 -outform PEM > /etc/docker/certs.d/repo.k8s.tracston.local/ca.crt

openssl s_client -showcerts -verify 5 -connect repo.k8s.tracston.local:443 < /dev/null 2>/dev/null | openssl x509 -outform PEM > /etc/docker/certs.d/repo.k8s.tracston.local:443/ca.crt

systemctl restart docker