To import a self-signed CA certificate that you want to manually trust in your Docker VM, follow these steps:
$ docker-machine ssh default 'sudo mkdir /var/lib/boot2docker/certs' $ docker-machine scp corp-ca.pem default: $ docker-machine ssh default 'sudo mv corp-ca.pem /var/lib/boot2docker/certs/' $ docker-machine restart default
According to play-with-docker.com you can also trust a self-signed cert by doing the following:
If you are running the registry locally, be sure to use your host name as the CN.
To get the docker daemon to trust the certificate, copy the domain.crt file.
mkdir /etc/docker/certs.d mkdir /etc/docker/certs.d/127.0.0.1:5000 cp $(pwd)/certs/domain.crt /etc/docker/certs.d/127.0.0.1:5000/ca.crt
Make sure to restart the docker daemon.
pkill dockerd dockerd > /dev/null 2>&1 &
The /dev/null part is to avoid the output logs from docker daemon.
Now we have an SSL certificate and can run a secure registry.
I haven’t tried this yet, as I am signing my local certs with my dev-ca that is trusted on system level.