Browse code
Add a little info on how to talk to the TLS encrypted Docker Socket
Docker-DCO-1.1-Signed-off-by: Sven Dowideit <SvenDowideit@docker.com> (github: SvenDowideit)
Sven Dowideit authored on 2014/10/15 16:24:53Showing 2 changed files
| ... | ... |
@@ -178,3 +178,10 @@ location using the environment variable `DOCKER_CERT_PATH`. |
| 178 | 178 |
|
| 179 | 179 |
$ export DOCKER_CERT_PATH=${HOME}/.docker/zone1/
|
| 180 | 180 |
$ sudo docker --tlsverify ps |
| 181 |
+ |
|
| 182 |
+### Connecting to the Secure Docker port using `curl` |
|
| 183 |
+ |
|
| 184 |
+To use `curl` to make test API requests, you need to use three extra command line |
|
| 185 |
+flags: |
|
| 186 |
+ |
|
| 187 |
+ $ curl --insecure --cert ~/.docker/cert.pem --key ~/.docker/key.pem https://boot2docker:2376/images/json` |
| ... | ... |
@@ -4,9 +4,12 @@ page_keywords: API, Docker, rcli, REST, documentation |
| 4 | 4 |
|
| 5 | 5 |
# Docker Remote API |
| 6 | 6 |
|
| 7 |
- - The Remote API is replacing `rcli`. |
|
| 8 | 7 |
- By default the Docker daemon listens on `unix:///var/run/docker.sock` |
| 9 | 8 |
and the client must have `root` access to interact with the daemon. |
| 9 |
+ - If the Docker daemon is set to use an encrypted TCP socket (`--tls`, |
|
| 10 |
+ or `--tlsverify`) as with Boot2Docker 1.3.0, then you need to add extra |
|
| 11 |
+ parameters to `curl` when making test API requests: |
|
| 12 |
+ `curl --insecure --cert ~/.docker/cert.pem --key ~/.docker/key.pem https://boot2docker:2376/images/json` |
|
| 10 | 13 |
- If a group named `docker` exists on your system, docker will apply |
| 11 | 14 |
ownership of the socket to the group. |
| 12 | 15 |
- The API tends to be REST, but for some complex commands, like attach |