Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Documentation about certificate installation incomplete: Need to restart podman machine #24593

Open
jmozmoz opened this issue Nov 18, 2024 · 2 comments
Labels
documentation Issue or fix is in project documentation kind/bug Categorizes issue or PR as related to a bug. machine stale-issue

Comments

@jmozmoz
Copy link

jmozmoz commented Nov 18, 2024

Issue Description

I followed this description to install a self-signed certificate, to download images: https://github.com/containers/podman/blob/main/docs/tutorials/podman-install-certificate-authority.md

For podman v4.X it worked. For podman v5.2.5 it was additionally necessary to restart the Podman Machine from within Podman Desktop. Without the restart, the usual error message appear:

Error: initializing source docker://mysql:8.0.40-debian: pinging container registry registry-1.docker.io: Get "https://registry-1.docker.io/v2/": tls: failed to verify certificate: x509: certificate signed by unknown authority

Steps to reproduce the issue

Steps to reproduce the issue

  1. Install certificate without restart of podman machine
  2. Image download failed
  3. Restart podman machine
  4. Download works.

Describe the results you received

Error message, that download is not possible

Describe the results you expected

Download image

podman info output

podman run --name some-mysql -e MYSQL_ROOT_PASSWORD=my-secret-pw -d mysql:8.0.40-debian --tls-verify=false
Resolving "mysql" using unqualified-search registries (/etc/containers/registries.conf.d/999-podman-machine.conf)
Trying to pull docker.io/library/mysql:8.0.40-debian...
Error: initializing source docker://mysql:8.0.40-debian: pinging container registry registry-1.docker.io: Get "https://registry-1.docker.io/v2/": tls: failed to verify certificate: x509: certificate signed by unknown authority

Podman in a container

No

Privileged Or Rootless

None

Upstream Latest Release

Yes

Additional environment details

Test under Windows 11 using WSL

Might be related to #24101

Additional information

No response

@jmozmoz jmozmoz added the kind/bug Categorizes issue or PR as related to a bug. label Nov 18, 2024
@Luap99 Luap99 added documentation Issue or fix is in project documentation machine labels Nov 18, 2024
@baude
Copy link
Member

baude commented Nov 19, 2024

@jmozmoz are you saying that you had to restart the machine and everything works fine? if so, mind submitting a PR to fix the doc ?

Copy link

A friendly reminder that this issue had no activity for 30 days.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
documentation Issue or fix is in project documentation kind/bug Categorizes issue or PR as related to a bug. machine stale-issue
Projects
None yet
Development

No branches or pull requests

3 participants