mirror of
https://github.com/moby/moby.git
synced 2022-11-09 12:21:53 -05:00
Add better client error for client certificate failure (missing or denied)
This adds a more meaningful error on the client side so the "bad certificate" error coming from the TLS dial code has some context for the user. Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
This commit is contained in:
parent
389b806945
commit
d175ef6773
1 changed files with 4 additions and 0 deletions
|
@ -102,6 +102,10 @@ func (cli *DockerCli) clientRequest(method, path string, in io.Reader, headers m
|
|||
if cli.tlsConfig == nil {
|
||||
return serverResp, fmt.Errorf("%v.\n* Are you trying to connect to a TLS-enabled daemon without TLS?\n* Is your docker daemon up and running?", err)
|
||||
}
|
||||
if cli.tlsConfig != nil && strings.Contains(err.Error(), "remote error: bad certificate") {
|
||||
return serverResp, fmt.Errorf("The server probably has client authentication (--tlsverify) enabled. Please check your TLS client certification settings: %v", err)
|
||||
}
|
||||
|
||||
return serverResp, fmt.Errorf("An error occurred trying to connect: %v", err)
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue