Is it possible to configure access via TLS to Docker for Mac Docker daemon?
I have created certificates by running
```
cd ~/.docker
mkdir certs
docker run --rm -v ~/.docker/certs:/certs paulczar/omgwtfssl
cp certs/ca.pem ssl/
docker run --rm -v ~/.docker/ssl:/server \
    -v ~/.docker/certs:/certs \
    -e SSL_IP=127.0.0.1,192.168.50.100 \
    -e SSL_DNS=docker.local,macmini \
    -e SSL_KEY=/server/key.pem \
    -e SSL_CERT=/server/cert.pem paulczar/omgwtfssl
```
My daemon.json
```
{
  "builder": {
    "gc": {
      "defaultKeepStorage": "20GB",
      "enabled": true
    }
  },
  "debug": true,
  "experimental": false,
  "hosts": [
    "tcp://0.0.0.0:2376",
    "unix:///var/run/docker.sock"
  ],
  "tlscacert": "/Users/anton/.docker/ssl/ca.pem",
  "tlscert": "/Users/anton/.docker/ssl/cert.pem",
  "tlskey": "/Users/anton/.docker/ssl/key.pem",
  "tlsverify": true
}
```
Running docker fails
```
export DOCKER_HOST=tcp://127.0.0.1:2376
export DOCKER_TLS_VERIFY=1
export DOCKER_CERT_PATH=/Users/anton/.docker/certs
docker info
Server:
ERROR: Cannot connect to the Docker daemon at tcp://127.0.0.1:2376. Is the docker daemon running?
```
I see the same problem after following https://docs.docker.com/engine/security/protect-access/#use-tls-https-to-protect-the-docker-daemon-socket