Access Docker Registry with Self-Signed Certificate on Windows Server 2016

With Windows Server 2016 available it’s time to find out all the little details when using Docker to administrate containers. A common scenario is accessing a private/internal hosted Docker Registry protected with a self-signed certificate (Details).

Here is how you enable the Docker daemon and CLI on Windows Server 2016 to use your certificate when talking to the registry.

Example with internal registry on DNS and port myinternalregistry:5000:

Then restart the Docker daemon in a PowerShell session:

You can now docker run/pull/push to your private registry.

Note that the certs.d folder may not exist - in this case just create it. If you ever used Docker on Linux you would have a certs.d as well, with the registry folder in the format [hostname]:[port]. On Windows you cannot have : in folder names. If you dive into the source code you can see Docker simply strips the colon from the path on Windows