docker報錯: x509: certificate has expired or is not yet valid

本文轉載自查看原文 2019-08-17 18:33 1892 docker

環境：最小化安裝centos7

問題：docker 啟動沒問題，但是查詢鏡像時報錯

Error response from daemon: Get https://index.docker.io/v1/search?q=mysql&n=25: x509: certificate has expired or is not yet valid

最終發現問題是系統時間不同步

由於筆者是最小安裝所以需要安裝

 yum install -y ntpdate ntp

然后修改配置文件

vim /etc/ntp.conf

配置如下：

# For more information about this file, see the man pages
# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).

driftfile /var/lib/ntp/drift

# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default nomodify notrap nopeer noquery

# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
restrict ::1

# Hosts on local network are less restricted.
#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
restrict 172.17.0.0 mask 255.255.255.0 nomodify notrap
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
#server 0.centos.pool.ntp.org iburst
#server 1.centos.pool.ntp.org iburst
#server 2.centos.pool.ntp.org iburst
#server 3.centos.pool.ntp.org iburst
server 0.cn.pool.ntp.org
server 1.cn.pool.ntp.org
server 2.cn.pool.ntp.org
server 3.cn.pool.ntp.org

restrict 0.cn.pool.ntp.org nomodify notrap noquery
restrict 1.cn.pool.ntp.org nomodify notrap noquery
restrict 2.cn.pool.ntp.org nomodify notrap noquery
restrict 3.cn.pool.ntp.org nomodify notrap noquery

server 127.0.0.1 # local clock
fudge 127.0.0.1 stratum 10

#broadcast 192.168.1.255 autokey   # broadcast server
#broadcastclient           # broadcast client
#broadcast 224.0.1.1 autokey       # multicast server
#multicastclient 224.0.1.1       # multicast client
#manycastserver 239.255.254.254       # manycast server
#manycastclient 239.255.254.254 autokey # manycast client

# Enable public key cryptography.
#crypto

includefile /etc/ntp/crypto/pw

# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.
keys /etc/ntp/keys

# Specify the key identifiers which are trusted.
#trustedkey 4 8 42

# Specify the key identifier to use with the ntpdc utility.
#requestkey 8

# Specify the key identifier to use with the ntpq utility.
#controlkey 8

# Enable writing of statistics records.
#statistics clockstats cryptostats loopstats peerstats

# Disable the monitoring facility to prevent amplification attacks using ntpdc
# monlist command when default restrict does not include the noquery flag. See
# CVE-2013-5211 for more details.
# Note: Monitoring will not be disabled with the limited restriction flag.
disable monitor

參考網址：https://www.ntppool.org/zone/cn

啟動

systemctl start ntpd

再一次查詢系統時間為當前時間即為成功

再次查詢docker 鏡像

免責聲明！

本站轉載的文章為個人學習借鑒使用，本站對版權不負任何法律責任。如果侵犯了您的隱私權益，請聯系本站郵箱yoyou2525@163.com刪除。

猜您在找 解決docker：x509:certificate has expired or is not yet valid docker pull 失敗報錯：x509: certificate has expired or is not yet valid docker harbor證書過期提示x509:certificate has expired or is not yet valid的錯誤 Rancher創建用戶報錯 x509: certificate has expired or is not yet valid Error response from daemon: error while validating Root CA Certificate: x509: certificate has expired or is not yet valid問題排查 Rancher無法登錄容器報錯X509：certificate has expired or is not ye valid rancher證書過期X509：certificate has expired or is not ye valid gitlab runner使用docker報錯（x509: certificate signed by unknown authority）定位 docker version:19.03.2 x509: certificate signed by unknown authority harbor證書x509: certificate signed by unknown authority