[build] x509: certificate signed by unknown authority

Running:
```sh
lima nerdctl --insecure-registry=true compose --file=docker-compose.local.yml up --build
```

I got this error:
```
error: failed to solve: company.registry.com/golang:1.16-stretch: failed to do request: Head "https://company.registry.com/v2/golang/manifests/1.16-stretch": x509: certificate signed by unknown authority
```

Dockerfile.local
```dockerfile
FROM company.registry.com/golang:1.16-stretch

ARG WORKSPACE

ENV VAULT_VERSION=1.8.2

RUN sed -i -e 's/^deb-src/#deb-src/' /etc/apt/sources.list \
    && export DEBIAN_FRONTEND=noninteractive \
    && apt-get update -y -q && apt-get upgrade -y -q \
    && apt-get install --no-install-recommends -y -q \
      wait-for-it \
      curl \
      unzip \
    && curl -sSL -o /tmp/vault.zip https://releases.hashicorp.com/vault/${VAULT_VERSION}/vault_${VAULT_VERSION}_linux_amd64.zip \
    && unzip /tmp/vault.zip 'vault' -d /usr/local/bin \
    && rm /tmp/vault.zip

COPY ./certs/* /usr/local/share/ca-certificates/

RUN update-ca-certificates

WORKDIR ${WORKSPACE}

COPY go.mod go.sum ${WORKSPACE}/

RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go mod download -x
RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go install github.com/go-delve/delve/cmd/dlv@latest

COPY . ${WORKSPACE}

RUN CGO_ENABLED=1 GOOS=linux GOARCH=amd64 go build -race \
    -gcflags "all=-N -l" \
    -trimpath \
    -o /usr/local/bin/our-api \
    main.go

EXPOSE 40000
EXPOSE 3000

ENTRYPOINT ["./scripts/docker-local-entrypoint.sh"]
```

Weird this is that the `pull` command works:
```sh
❯ lima nerdctl --insecure-registry=true pull company.registry.com/golang:1.16-stretch
WARN[0000] skipping verifying HTTPS certs for "company.registry.com"
company.registry.com/golang:1.16-stretch:                       resolved       |++++++++++++++++++++++++++++++++++++++|
index-sha256:78bc17c372a67b203f1e6f7005482ba0c46d7123f8d9586862e0e42e364fc087:    done           |++++++++++++++++++++++++++++++++++++++|
manifest-sha256:eac5030e5669ba90a47a4dfc91655c14bbc4afbec0905ff8e264c82a76a5a520: done           |++++++++++++++++++++++++++++++++++++++|
config-sha256:797cbb623b616c82047c57ca6db3740b0d60f3d6d62d6765a3f381129a930c6e:   done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:06a1ec819ae274d76b79b00b06b87b4c80e093b94e376c857d5c6a91f47c5902:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:4b5f175d1abbc6d4a7774bd2912a927aa78b90fb04fb43d591e3dda317c9bb96:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:7885553ee256f7f9d1dd3016c0fd0c72fcd46217439371e3e1f610af0d159004:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:1c05d83e138cea8cb6ddd17442ab2138423db80e58408d93059f2ea25065952e:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:884ea03617543fd3eb6727d5dab474bcb8b11b5c36ff2783d442f32550770ff2:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:394ee1959bac9492a9fc64334844549eccd4274280678d81d6b5b19af703e2a6:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:22e09491e250a0b39b29730b3824ae3d3d87b50beca5ac2c13a654a3de356f7b:    done           |++++++++++++++++++++++++++++++++++++++|
elapsed: 95.1s                                                                    total:  283.9  (3.0 MiB/s)
```


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[build] x509: certificate signed by unknown authority #363

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

[build] x509: certificate signed by unknown authority #363

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions