All geek questions in one place

Docker Notary: tls: oversized record received with a length of 20527

I get this error when I try to click and sign an image in my personal registry. Playback Actions:

  1. Expand Registry:

    $ docker run -d -p 5000:5000 --restart=always --name registry registry:2

  2. Mark the image:

    $ docker tag hello-world localhost:5000/hello-world:latest

  3. Enable Content Trust:

    $ export DOCKER_CONTENT_TRUST=1

  4. Click on the registry:

    $ docker push localhost:5000/hello-world:latest
=> The push refers to a repository [localhost:5000/hello-world]
a02596fdd012: Pushed 
latest: digest: sha256:a18ed77532f6d6781500db650194e0f9396ba5f05f8b50d4046b294ae5f83aa4 size: 524
Signing and pushing trust metadata
tls: oversized record received with length 20527
+5
source share
3 answers

Your registry does not accept https connections because it is located on http. forget about DOCKER_CONTENT_TRUSTand add your registry as an unsafe registry using the --insecure-registrydaemon option in your daemon docker configuration and then restart docker after

+2
source

I only solved this when I set up the content trust server to point to the notary server.

export DOCKER_CONTENT_TRUST_SERVER = https://localhost:4443

0

If you are using a proxy server to display images, look at the proxy configuration. In particular, make sure that the https proxy URL does not contain the string "https", for example:

Environment="HTTPS_PROXY=https://proxy.url:8080/" => Environment="HTTPS_PROXY=http://proxy.url:8080/"

See also here for a more complete explanation.

0
source

Source: https://habr.com/ru/post/1652469/

More articles:


All Articles