kitematic error "self signed certificate in certificate chain"

Created on 24 Oct 2017 · 19Comments · Source: docker/kitematic

Information about the Issue

we are run kitematic but showing this error "self signed certificate in certificate chain"

please provide solution step by step because I am beginner for using docker

kitematic

more-info-needed

Source

saurabhsingh878

Most helpful comment

Setup: Using Docker for Windows on Windows 10.

@FrenchBen In my case, and I'm sure many others', this isn't a case of a proxy. I'm simply behind a corporate firewall that does deep packet inspection which causes this error. There is no proxy to go around this as that would defeat the firewall's purpose.

Most if not all other applications correctly reference Windows' certificate store which has the required certificate imported. That includes Docker for Windows(can pull/push/search etc.). I'm not sure what exactly kitematic is doing differently here :\

Any help would be appreciated.

dclar43 on 24 Aug 2018

👍2

All 19 comments

same

tmli3b3rm4n on 26 Oct 2017

@saurabhsingh878 and @tmli3b3rm4n Can you provide the steps you used to get there?
Is there a custom repo in place? What's your setup? Toolbox? Docker for Mac?

FrenchBen on 27 Oct 2017

we are open kitematic and showing this error.
Docker and kitematic all setting default.

toolbox product - 17.07.0-ce
using Docker for Windows

saurabhsingh878 on 27 Oct 2017

what happens when you do docker pull hello-world from the CLI?

FrenchBen on 27 Oct 2017

when run docker pull hello-word from the CLI

Result-

saurabhsingh878 on 30 Oct 2017

Are you behind a firewall or VPN?
See our wiki for possible solutions:
https://github.com/docker/kitematic/wiki/Common-Proxy-Issues-&-Fixes

FrenchBen on 31 Oct 2017

we are not using any proxy. how to set proxy.

saurabhsingh878 on 1 Nov 2017

+1 same issue

NaifousBS on 6 Nov 2017

+1 Same issue. And we don't use proxy.

Ubel on 9 May 2018

👍1

Kitematic can not communicate server using SSL. It cause by SSL proxy like next firewall or SSL decoder.
Please check SSL communication.

yongwhan2 on 20 Jun 2018

+1 same issue

dhananjaykumar880 on 24 Jul 2018

same issue here

livingstonep on 14 Aug 2018

Setup: Using Docker for Windows on Windows 10.

Any help would be appreciated.

dclar43 on 24 Aug 2018

👍2

Same problem as dclar43 - please respond.

olexiy on 5 Dec 2018

is the problem fixed ??

punix81 on 8 Mar 2019

Same problem on macos, Kinemematic 0.17.7. In my company we have decrypted network traffic for almost all https connection. The solution to the problem for an application is to inject the CA root at proper place or change configuration for the application.
But for Kinematic I don't know the proper place where to inject the certificate. Kinematic does not use system or user key bundle.

dracorp on 25 Mar 2019

@FrenchBen
Can you open this issue and "fix" it?
For me the optional option would be add a path to own certificate or add an option to ignore certificate chain.

dracorp on 17 Apr 2019

@dracorp In the mean time check out Portainer and see if it meets your needs.

dclar43 on 17 Apr 2019

@FrenchBen - is this something that can be reviewed? I'm yet another user who also needs the ability to specify their own CA file because our company performs a MITM with all traffic.

I'm in the same situation as @dclar43 - all traffic is unencrypted (and reencrypted before going outside) with a self-signed certificate.

Without the ability to specify our own ca-file, we're stuck with the 'self-signed certificate in chain' error... which seriously limits this tools usability.