如何在mac os中訪問docker（v1.9.0）遠程休息API x

Question

我想訪問docker remote rest api，但我無法訪問它。

例如

$ curl -v https://192.168.99.100:2376/images/json 
* About to connect() to 192.168.99.100 port 2376 (#0) 
* Trying 192.168.99.100... 
* Adding handle: conn: 0x7f8cd380fe00 
* Adding handle: send: 0 
* Adding handle: recv: 0 
* Curl_addHandleToPipeline: length: 1 
* - Conn 0 (0x7f8cd380fe00) send_pipe: 1, recv_pipe: 0 
* Connected to 192.168.99.100 (192.168.99.100) port 2376 (#0) 
* SSL certificate problem: Invalid certificate chain 
* Closing connection 0 
curl: (60) SSL certificate problem: Invalid certificate chain 
More details here: http://curl.haxx.se/docs/sslcerts.html 

curl performs SSL certificate verification by default, using a "bundle" 
of Certificate Authority (CA) public keys (CA certs). If the default 
bundle file isn't adequate, you can specify an alternate file 
using the --cacert option. 
If this HTTPS server uses a certificate signed by a CA represented in 
the bundle, the certificate verification probably failed due to a 
problem with the certificate (it might be expired, or the name might 
not match the domain name in the URL). 
If you'd like to turn off curl's verification of the certificate, use 
the -k (or --insecure) option. 

$ curl -v http://192.168.99.100:2376/images/json 
* About to connect() to 192.168.99.100 port 2376 (#0) 
* Trying 192.168.99.100... 
* Adding handle: conn: 0x7f9411008c00 
* Adding handle: send: 0 
* Adding handle: recv: 0 
* Curl_addHandleToPipeline: length: 1 
* - Conn 0 (0x7f9411008c00) send_pipe: 1, recv_pipe: 0 
* Connected to 192.168.99.100 (192.168.99.100) port 2376 (#0) 
> GET /images/json HTTP/1.1 
> User-Agent: curl/7.30.0 
> Host: 192.168.99.100:2376 
> Accept: */* 
> 

* Connection #0 to host 192.168.99.100 left intact 

，但如果我運行的泊塢窗命令它的工作原理：

$docker images 
REPOSITORY      TAG     IMAGE ID   CREATED    VIRTUAL SIZE 
subh007/docker_quagga   v1     fd482b733697  6 months ago  263.5 MB 

我也試圖從stack post.遵循建議，但它din't工作對我來說，看起來像它的工作對boot2docker 。目前我使用的是mac os X（10.9.4）。

以下是泊塢窗機的詳細資料：

$ docker-machine env default 
export DOCKER_TLS_VERIFY="1" 
export DOCKER_HOST="tcp://192.168.99.100:2376" 
export DOCKER_CERT_PATH="/Users/subh/.docker/machine/machines/default" 
export DOCKER_MACHINE_NAME="default" 
# Run this command to configure your shell: 
# eval "$(docker-machine env default)" 

請讓我知道如果我錯過了一些瞭解。

Answer 1

CURL的新版本使用Apple的安全傳輸API而不是OpenSSL API。使用P12格式的證書。試試這個吧 -

cd $DOCKER_CERT_PATH 
openssl pkcs12 -export -inkey key.pem -in cert.pem -CAfile ca.pem -chain -name client-side -out cert.p12 -password pass:mypass 
curl https://192.168.99.100:2376/images/json --cert $DOCKER_CERT_PATH/cert.p12 --pass mypass --key $DOCKER_CERT_PATH/key.pem --cacert $DOCKER_CERT_PATH/ca.pem