Why is docker login failing even though the insecure-registry flag is in place?

For some OS (such as OpenSuse for example) an error can arise in case the docker client is configured to work against an HTTP registry.

Though the –insecure-registry flag is in place:

DOCKER_OPTS=”–insecure-registry myregistrydomain.com:5000″

(https://docs.docker.com/registry/insecure/)

which was added under the ‘/etc/sysconfig/docker’ file

 You will still get the following error while performing the ‘docker login’ command:

“v2 ping attempt failed with error: Get https://myregistrydomain.com:5000/v2/: net/http: TLS handshake timeout

 v1 ping attempt failed with error: Get https://myregistrydomain.com/v1/_ping: net/http: TLS handshake timeout. If this private registry supports only HTTP or HTTPS with an unknown CA certificate, please add `–insecure-registry myregistrydomain:5000` to the daemon’s arguments. In the case of HTTPS, if you have access to the registry’s CA certificate, no need for the flag; simply place 


The –insecure-registry flag should bypass the TLS handshake validation but it doesn’t seem to take any effect.

What is wrong?

This error is mainly because of docker client compatibility issues on some OS.

The docker client is not taking the insecure registry flag during its init.

In order for it to take effect, it needs to edit the configuration file under ‘/etc/systemd/system/’ for the docker client to take the flag during init.

(Check the following https://docs.docker.com/engine/admin/configuring/ for more information about that).

using the following link https://docs.docker.com/engine/admin/systemd/


Here is an example for a docker.service.d file in case of OpenSuse OS:

[Service]

EnvironmentFile=-/etc/sysconfig/docker

ExecStart=

ExecStart=/usr/bin/docker daemon  $OPTIONS

          $DOCKER_STORAGE_OPTIONS

          $DOCKER_NETWORK_OPTIONS

          $BLOCK_REGISTRY

          $INSECURE_REGISTRY

          $DOCKER_OPTS