If you are using Rancher Desktop, and the Moby CLI, and you are trying to push images to a private registry, you may receive the following error:
$ docker push private.registry.domain/my/image Using default tag: latest The push refers to repository [private.registry.domain/my/image] Get "https://private.registry.domain/v2/": x509: certificate signed by unknown authority
If you receive this error, it is likely because the VM that underpins Rancher Desktop (lima) does not have the CA certificate used to sign the cert for your private registry. To fix this, follow these steps:
rdctl, open a shell onto the VM.
rdctlis found in ~/.rd/bin
rdctl shellto pop into the lima VM
- Once inside the VM, navigate to /usr/local/share/ca-certificates
- Copy the PEM-encoded contents of your root CA certificate into a new file in this directory. You can
echothe contents and redirect (>) into a file, or use
- Once this file is created, execute
- Restart Docker on this VM by executing
service docker restart
You should now be able to push images!