cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
dhoskins
Cadet
Cadet
‎07-11-2021 06:13 PM
  • 3,106 Views

rhcsa lab container issue, podman login and x509 erros

I have been working with the rhcsa labs now and I have an issue with the containers portion.  When trying to log in, I get a "error pinging docker registry registry.lab.example.com: Get https://registry.lab.example.com/v2: x509: certificate has expired or is not yet valid."  What's strange is that this doesn't always happen.  If I delete the labs and rebuild, they might come up and I can build containers.  After a while though, it will error out on its own.  I looked at the /etc/pki/ca-trust/source/anchors.  All that is in there is a katello cert??  Is this something I can fix?

Labels (3)
Labels
Join the discussion
4 Replies
Deanna
Community Manager
Community Manager
‎08-06-2021 03:02 PM
  • 3,036 Views

Hi @dhoskins - were you able to find a solution here? I am curious if you could share what worked for you.

 

--
Deanna
dhoskins
Cadet
Cadet
‎08-07-2021 04:54 PM
  • 3,024 Views

I did finally figure out a solution for this.  I'm not sure if it is the right one but it works.  When installing container-tools, use sudo or be root.  But.... log all the way out of the session.  If I didn't, it would give me this error.  I tried exit, su user, su -....etc.  None of it seemed to work.  Once I logged off and back on as the user, it worked as it should.  I saw this same issue pop up on the RHCSA exam as well.  Luckily I had already figured it out ahead of time

 

 

 

Tracy_Baker
Starfighter Starfighter
Starfighter
‎08-07-2021 08:44 PM
  • 3,018 Views

@dhoskins 

Well, you have to be sudo (or root) to install a pacakge anyway, so... that's not the "fix".

To fix it, or more correctly a workaround without having to log all the way back out and then in, use --tls-verify=false as an option with podman pull

Require HTTPS and verify certificates when contacting registries (default: true). If explicitly set to true, then TLS verification will be used. If set to false, then TLS verification will not be used. If not specified, TLS verification will be used unless the target registry is listed as an insecure registry in registries.conf.

The option does not exist with podman run, so you'll have to to do a pull, then a run, separately.

Program Lead at Arizona's first Red Hat Academy, est. 2005
Estrella Mountain Community College
0 Kudos
mushi_mushi
Cadet
Cadet
‎08-27-2023 10:08 PM
  • 977 Views

Hi, just had this x509 error with podman login, turns out I was running it as root and it needs to be run as student.

Join the discussion
You must log in to join this conversation.
Red Hat Learning Community

Red Hat

Learning Community

A collaborative learning environment, enabling open source skill development.

Red Hat Inc. Copyright ?2024 Red Hat, Inc. Privacy policy Terms of use