An error occurred trying to connect: Get https://192.168.xx.xx:2376/v1.18/containers/json: remote error: bad certificate

[IbnSaeed]

Hello

I am getting the following error message when running . in windows 8.1

docker $(dm config dev) ps

 An error occurred trying to connect: Get https://192.168.xx.xx:2376/v1.18/containers/json: remote error: bad certificate

Here is the docker version command

docker version
Client version: 1.5.0-dev
Client API version: 1.18
Go version (client): go1.4.2
Git commit (client): a61716e
OS/Arch (client): windows/amd64
FATA[0000] Get http://192.168.xx.xx:2376/v1.18/version: malformed HTTP response "\x15\x03\x01\x00\x02\x02". Are you trying to connect to a TLS-enabled daemon without TLS?

Here is the docker-machine version

docker-machine  version 0.1.0

[IbnSaeed]

The following certs were automatically added to the following directory when i created the docker-machine

Location : C:\Users\Username\.docker\machine\certs

key.pem
cert.pem
ca-key.pem
ca.pem

I tried changing the location of the cert with

docker  --tlscert="C:\Users\Username\.docker\machine\certs"

But it just output the docker help list.

[gusun1]

I got the same error.

$ docker ps 
FATA[0001] An error occurred trying to connect: Get https://192.168.59.103:2376/v1.17/containers/json: Forbidden 
$ docker version
Client version: 1.5.0
Client API version: 1.17
Go version (client): go1.4.1
Git commit (client): a8a31ef
OS/Arch (client): darwin/amd64
FATA[0001] An error occurred trying to connect: Get https://192.168.59.103:2376/v1.17/version: Forbidden 

Anybody can help? Thank you!

[slavashvets]

The same error (client windows/amd64):

$ ./docker-machine_windows-amd64.exe create -d virtualbox dev
←[34mINFO←[0m[0000] Creating CA: C:\Users\vshvets\.docker\machine\certs\ca.pem
←[34mINFO←[0m[0000] Creating client certificate: C:\Users\vshvets\.docker\machine\certs\cert.pem
←[34mINFO←[0m[0002] Creating SSH key...
←[34mINFO←[0m[0002] Image cache does not exist, creating it at C:\Users\vshvets\.docker\machine\cache...
←[34mINFO←[0m[0002] No default boot2docker iso found locally, downloading the latest release...
←[34mINFO←[0m[0004] Downloading latest boot2docker release to C:\Users\vshvets\.docker\machine\cache\boot2docker.iso...
←[34mINFO←[0m[0166] Creating VirtualBox VM...
←[34mINFO←[0m[0326] Starting VirtualBox VM...
←[34mINFO←[0m[0329] Waiting for VM to start...
←[34mINFO←[0m[0381] "dev" has been created and is now the active machine.
←[34mINFO←[0m[0381] To point your Docker client at it, run this in your shell: eval "$(c:\Users\vshvets\Downloads\docker-machine_windows-amd64.exe
env dev)"

$ eval "$(/c/Users/vshvets/Downloads/docker-machine_windows-amd64.exe env dev)"

$ docker run busybox echo hello world
FATA[0000] An error occurred trying to connect: Post https://192.168.99.100:2376/v1.19/containers/create: Forbidden

$ docker version
Client version: 1.5.0-dev
Client API version: 1.19
Go version (client): go1.4.2
Git commit (client): 9ede3f9
OS/Arch (client): windows/amd64
FATA[0000] An error occurred trying to connect: Get https://192.168.99.100:2376/v1.19/version: Forbidden

$ docker-machine_windows-amd64.exe -v
c:\Users\vshvets\Downloads\docker-machine_windows-amd64.exe version 0.2.0 (48bea37)

[jmaya]

Try to remove the certificates in ~/.docker/machine/certs/ This worked for me. It seems you have older certs associated with the boot2docker image.

[gusun1]

Thank you, everybody. I just restart the boot2docker-vm machine.
$ boot2docker restart
This works for me.

[aanc]

It did not work for me:

adrien@nknu [15:08:29]
~ $ rm -fr ~/.docker/machine/certs

adrien@nknu [15:08:44]
~ $ machine create -d virtualbox dev
INFO[0000] Creating CA: /home/adrien/.docker/machine/certs/ca.pem 
INFO[0000] Creating client certificate: /home/adrien/.docker/machine/certs/cert.pem 
INFO[0001] Creating SSH key...                          
INFO[0001] Creating VirtualBox VM...                    
INFO[0010] Starting VirtualBox VM...                    
INFO[0010] Waiting for VM to start...                   
INFO[0059] "dev" has been created and is now the active machine. 
INFO[0059] To point your Docker client at it, run this in your shell: eval "$(machine env dev)" 

adrien@nknu [15:09:53]
~ $ eval "$(machine env dev)"

adrien@nknu [15:10:01]
~ $ docker ps
FATA[0000] An error occurred trying to connect: Get https://192.168.99.106:2376/v1.18/containers/json: Forbidden 

adrien@nknu [15:10:08]
~ $ docker version
Client version: 1.6.0
Client API version: 1.18
Go version (client): go1.4.2
Git commit (client): 4749651
OS/Arch (client): linux/amd64
FATA[0000] An error occurred trying to connect: Get https://192.168.99.106:2376/v1.18/version: Forbidden 

adrien@nknu [15:10:14]
~ $ machine --version
machine version 0.2.0 (8b9eaf2)

adrien@nknu [15:10:24]
~ $ ll ~/.docker/machine/certs
total 16K
-rw------- 1 adrien adrien 1,7K avril 30 15:08 ca-key.pem
-rw-rw-r-- 1 adrien adrien 1,1K avril 30 15:08 ca.pem
-rw-rw-r-- 1 adrien adrien 1,1K avril 30 15:08 cert.pem
-rw------- 1 adrien adrien 1,7K avril 30 15:08 key.pem

Ubuntu 14.10
I've never installed boot2docker on this machine. I have a docker daemon installed locally (not via machine), but not running. Any help appreciated, thanks in advance !

[daithi-coombes]

I can confirm this error.

I'm running of a new win 8.1 machine and fresh install of docker. I can across the issue running docker version:

$ docker version
Client version: 1.6.0
Client API version: 1.18
Go version (client): go1.4.2
Git commit (client): 4749651
OS/Arch <client): windows/amd64
FATA[0021] An error occurred tyring to connect: Get https://192.168.59.103:2376/v1.18/version: dial tcp 192.168.59.103:2376: ConnectEx tcp: A connection attempt failed because the connected party did not properly respond after a period of time or established connection failed because connected host has failed to respond.

Restart docker with

$ boot2docker.exe restart

hasn't helped, neither has deleting the certs with

rm -rf .boot2docker/certs/boot2dcker-vm/*

which now gives me the following error when I run docker version:

$ docker version
FATA[0000] Couldn't read ca cert C:\$home_directory\.boot2docker\certs\boot2docker-vm\ca.pem: open C:\$home_directory\.boot2docker\certs\boot2docker-vm\ca.pem: The system can't find the file specified.

which makes sense.

New to docker so completly lost on what could have caused the initial connection issue. I have already setup my dev environment with virtualbox so I'm wondering if the net config here could be a cause?

[daithi-coombes]

... interestingly after doing the above (rm -rf .boot2docker/certs/boot2dcker-vm/*), I closed the docker window and reopened it and now get the error:

$docker version
...
FATA[0000] Get http:///var/run/docker.sock/v1.18/version: dial unix /var/run/docker.sock: An address incompatible with the requested protocol was used ... Are you trying to connect a TLS-enabled daemon without TLS?

[ramoneguru]

Had a similar error as @gusun1 after upgrading boot2docker and running the following commands:

[~]$ eval "$(boot2docker shellinit)"
Writing /Users/nesquerra/.boot2docker/certs/boot2docker-vm/ca.pem
Writing /Users/nesquerra/.boot2docker/certs/boot2docker-vm/cert.pem
Writing /Users/nesquerra/.boot2docker/certs/boot2docker-vm/key.pem

Worked fine, so I ran the hello-world:

[~]$ docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from hello-world
a8219747be10: Pull complete
91c95931e552: Already exists
hello-world:latest: The image you are pulling has been verified. Important: image verification is a tech preview feature and should not be relied on to provide security.
Digest: sha256:<sha-digest>
Status: Downloaded newer image for hello-world:latest
FATA[0011] remote error: bad certificate

Got a fatal, printed out the version and such

[~]$ docker version
Client version: 1.6.1
Client API version: 1.18
Go version (client): go1.4.2
Git commit (client): 97cd073
OS/Arch (client): darwin/amd64
FATA[0000] An error occurred trying to connect: Get https://192.168.59.103:2376/v1.18/version: remote error: bad certificate

Then restarted:

[~]$ boot2docker restart
[~]$ docker run hello-world
Hello from Docker.
This message shows that your installation appears to be working correctly.

To generate this message, Docker took the following steps:
 1. The Docker client contacted the Docker daemon.
 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
    (Assuming it was not already locally available.)
 3. The Docker daemon created a new container from that image which runs the
    executable that produces the output you are currently reading.
 4. The Docker daemon streamed that output to the Docker client, which sent it
    to your terminal.

To try something more ambitious, you can run an Ubuntu container with:
 $ docker run -it ubuntu bash

For more examples and ideas, visit:
 http://docs.docker.com/userguide/

Seemed to get the appropriate output after the restart.

[danielcgithub]

I am having the same problem as daithi-coombes
$ docker version
Client version: 1.6.2
Client API version: 1.18
Go version (client): go1.4.2
Git commit (client): 7c8fca2
OS/Arch (client): windows/amd64
FATA[0021] An error occurred trying to connect: Get https://192.168.59.106:2376/v1.18/version: dial tcp 192.168.59.106:2376: ConnectEx tcp: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.

However when I use the actual boot2docker vm I am able to run the command with no problem.
Anyone got any ideas?

[ehazlett]

Ok there are a few different issues here. @IbnSaeed if you use Machine 0.2.0 or higher the cert issue will be fixed when you run env or config as well as manually with the regenerate-certs command.

There are a few reports in this thread mixing the b2d cli and machine. While they both use the B2D ISO for the OS, they are separate tools and do not work with each others configurations.

If you want to import an existing b2d VM that feature is in master and will be released in the upcoming 0.3.0.

If you still have issues not related to certs, please open a new issue.

Thanks!

[childnode]

1. you might try to check via curl for detailed error message
2. (Windows) perhaps you have set a NO_PROXY env in system that is not inherited by boot2docker but redefined and used as no_proxy (lowercased) by curl. Try export NO_PROXY=$no_proxy
3. you try to use IP wildcards in no_proxy: that's not valid: Docker daemon doesn't respect no_proxy IP range in CIDR notation (regression?) moby/moby#9145

[adamveld12]

In case other people have the same issues as I did on Windows 64bit: https://x86x64.wordpress.com/2015/05/03/docker-on-windows-fata0021-an-error-occurred-trying-to-connect/

[ghost]

thanks @adamveld12, it worked for me. (win 8.1 64bit)

[sbanal]

The following commands worked for me. In command prompt:

boot2docker poweroff 
boot2docker destroy
boot2docker init 
boot2docker start

After executing commands above, I closed my docker console and re-opened a new one. Tested it by running docker command docker run hello-world.

FYI command removes images.

UPDATE:
Fix command from docker to boot2docker. @eddietejeda - thanks for noticing the issue.

[eddietejeda]

@sbanal I think you meant you ran:

boot2docker poweroff 
boot2docker destroy
boot2docker init 
boot2docker start

That worked for me.

[lookfirst]

I just ran into this yesterday. Ran @eddietejeda fix above and that worked. I stopped everything. Today, I go and start everything back up. Same problem again. Seems kind of bad to have to constantly rebuild b2d every time I want to use it.

I have b2d 1.7.0 installed via brew on OSX 10.10.4.

[luongnv89]

boot2docker poweroff 
boot2docker destroy
boot2docker init 
boot2docker start

This also worked for me! Just notice that I have to open new terminal window (to reset the DOCKER_ environment variables if you have set them before).

Thanks!

[broxio]

@sbanal It's work for me to on OSX too.

MBP:~ cook$ docker version
Client version: 1.5.0
Client API version: 1.17
Go version (client): go1.4.1
Git commit (client): a8a31ef
OS/Arch (client): darwin/amd64
Server version: 1.7.0
Server API version: 1.19
Go version (server): go1.4.2
Git commit (server): 0baf609

Thanks , saving ton of hours.!

[shanyu-e]

@sbanal thx! It's work for me.

[matrixstone]

@sbanal

boot2docker poweroff
boot2docker destroy
boot2docker init
boot2docker start
That worked for me.

[ChrisChinchilla]

I have this issue, but slightly different.

This message keeps popping up when boot2docker isn't running. I don't really want it running all the time and the message goes when it is running.

Has something been set to auto run each time I open a Terminal window?

I can confirm, Docker is trying to run every time I launch a terminal window. Hmm…

[jakirkham]

Seeing this with boot2docker, as well. ( boot2docker/boot2docker#1017 )

[siripuramrk]

I'm on windows 8.1

boot2docker.exe download

Worked for me.

[carloreggiani]

I'm fighting on Win8.1 with Docker Toolbox 1.8.1b and today 1.8.2a.
Basic setup with "default" machine not work: after 20 minutes the setup completed but the scripted creation of VM don't complete with server certificate configuration.
By the way I tryed to create a new VM "dev" with docker-machine command, but I'm not able to connect by docker client (ping works fine).

Here the situation:

$ docker-machine create --driver virtualbox dev`

$ docker-machine env --shell cmd dev
set DOCKER_TLS_VERIFY=1
set DOCKER_HOST=tcp://192.168.99.100:2376
set DOCKER_CERT_PATH=C:\Users\reggiani\.docker\machine\machines\dev
set DOCKER_MACHINE_NAME=dev
# Run this command to configure your shell:
# copy and paste the above values into your command prompt

$ export DOCKER_TLS_VERIFY=1
$ export DOCKER_HOST=tcp://192.168.99.100:2376
$ export DOCKER_CERT_PATH='c:\Users\reggiani\.docker\machine\machines\dev'
$ export DOCKER_MACHINE_NAME=dev

$ docker-machine  config dev
--tlsverify --tlscacert="C:\\Users\\reggiani\\.docker\\machine\\machines\\dev\\ca.pem" --tlscert="C:\\Users\\reggiani\\.docker\\machine\\machines\\dev\\cert.pem" --tlskey="C:\\Users\\reggiani\\.docker\\machine\\machines\\dev\\key.pem" -H=tcp://192.168.99.100:2376

$ docker version
Client:
 Version:      1.8.1
 API version:  1.20
 Go version:   go1.4.2
 Git commit:   d12ea79
 Built:        Thu Aug 13 02:49:29 UTC 2015
 OS/Arch:      windows/amd64
An error occurred trying to connect: Get https://192.168.99.100:2376/v1.20/version: Bad Request`

[Foadsf]

I have reported similar issue here. Docker is exhausting :(

[sandeepkapri]

If you have installed docker toolbox then run docker quickstart terminal (it's a program and get installed during installation process).

After this open a new command prompt window and run a docker command docker version.
You will get no error.

Works for me.

[15aditya]

For Docker Toolbox - docker-machine restart worked for me.