On Thu, Jun 08, 2017 at 03:23:14AM +0000, Tomasz Chmielewski wrote: > I'm not able to launch a container on one of the servers: > > # lxc launch images:ubuntu/xenial/amd64 containername > error: Get > https://images.linuxcontainers.org:8443/1.0/images/ubuntu/xenial/amd64: x509: > certificate is valid for images.linuxcontainers.org, > uk.images.linuxcontainers.org, us.images.linuxcontainers.org, not > *.linuxcontainers.org > > > Not sure how to debug this. > > This works: > > # curl https://images.linuxcontainers.org:8443/1.0/images/ubuntu/xenial/amd64 > <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> > <html><head> > <title>301 Moved Permanently</title> > </head><body> > <h1>Moved Permanently</h1> > <p>The document has moved <a > href="https://uk.images.linuxcontainers.org:8443/1.0/images/ubuntu/xenial/amd64";>here</a>.</p> > <hr> > <address>Apache/2.4.7 (Ubuntu) Server at images.linuxcontainers.org Port > 8443</address> > </body></html>
Hi, So the one thing I can think of which may cause that is if you ran a very old version of LXD at some point which would cache the certificate of public servers. If that's the case, the following should fix things for you: rm .config/lxc/servercerts/images.crt That will cause LXD to go back to checking against the system CA which should work fine as was proven by your curl example. -- Stéphane Graber Ubuntu developer http://www.ubuntu.com
signature.asc
Description: PGP signature
_______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
