Our ASM environment communicates to the internet via proxy server and connections to registry.watchmouse.com are failing due to a certificate validation failure. For example:
docker pull registry.watchmouse.com/asm/smartpop-jmeter:production
Trying to pull repository registry.watchmouse.com/asm/smartpop-jmeter ...
Get https://registry.watchmouse.com/v1/_ping: x509: certificate signed by unknown authority
The first and preferred way to address this problem is to copy needed proxy certificates in PEM format to /etc/docker/certs.d/registry.watchmouse.com/
Docker should then trust presented certificate and proceed with the OPMS install. You can check the issuer of your proxy certificate with the command...
echo QUIT | openssl s_client -connect registry.watchmouse.com:443 2>/dev/null | egrep '^(subject|issuer)='
Alternatively, you can also bypass the certificate check, though this is not usually recommended...
Edit the /etc/sysconfig/docker, uncomment and update the line...
Save and exit and then run
systemctl restart docker
Thereafter, docker pull commands issued by the OPMS should succeed. Should you have run the installer on the server already, please also remove the packages that pull docker images before attempting install again...
yum remove asm-smartpop-checkpoint.noarch
yum remove asm-smartpop-rbtm.x86_64
...then re-run the OPMS installer