ddev: Windows 10: corrupted CA certificate: failed to read the CA certificate: unexpected content

Describe the bug

It starts with a message on start like: ddev-router failed to become ready: logOutput=, err=container exited, please use 'ddev logs -s ddev-router to find out why it failed`

That’s actually an error, and it should say to use docker logs ddev-router

Then you do the docker logs ddev-router and you see: Using the local CA at "/root/.local/share/mkcert" ✨ ERROR: failed to read the CA certificate: unexpected content

If this happens to you,

Before beginning, please ddev poweroff && ddev start to get back to the beginning and demonstrate the error.

  1. Please report the results of ddev exec ls -lR /mnt/ddev-global-cache/mkcert
  2. ddev exec sudo rm -rf /mnt/ddev-global-cache/mkcert && ddev poweroff && ddev start might fix it.
  3. If not, docker volume rm ddev-global-cache && ddev start will delete ddev’s global cache (which contains the root CAs and composer cache)
  4. If not, try to fix the CA certs on the host side with mkcert -uninstall && rm -rf "$(mkcert -CAROOT)" && mkcert -install && ddev poweroff && ddev start

Please report your results here.

About this issue

  • Original URL
  • State: closed
  • Created 4 years ago
  • Reactions: 1
  • Comments: 22 (11 by maintainers)

Most upvoted comments

I just ran into this issue and step 4 solved it for me. Thank you @rfay

+2
CreateSean on Jul 28, 2020

Hyper V

+1
tobiasgraeber on Sep 2, 2020

I can confirm the case like @janisint described. So https://github.com/drud/ddev/issues/2415#issuecomment-669735297 worked for me as well.

Environment: Win10, latest Docker Desktop for Windows Version. Seems like a bug/issue that made its way into the project with one of the latest updates… (was running fine all the time until a week or two ago…)

Doing a ddev poweroff && ddev start as statet in OP did not help.

Before that, the issue occures after a ddev start.

Note, the first visible error message is:

failed to copy root CA into docker volume: container run failed with exit code 1, output='cp: read error: Function not implemented cp: read error: Function not implemented '

process still running further until creating ddev-router ...done and then it echos:

Failed to start XXXXXX: ddev-router failed to become ready: logOutput=, err=container exited, please use 'ddev logs -s ddev-router to find out why it failed`

so…doing a 'ddev logs -s ddev-router outputs:

Using the local CA at "/root/.local/share/mkcert" ✨ ERROR: failed to read the CA certificate: unexpected content

As described by janisint, removing and recreating the docker volume works (until now) but the real underlying reason seems not to be found until now … maybe somebody else has an idea what´s really happening here …?

+1
tobiasgraeber on Sep 1, 2020

I had this problem and none of the suggested steps worked for me. I kept getting: Error response from daemon: Conflict: volume is in use

What worked for me was running docker container prune and docker volume prune (from one of the answers to this StackOverflow question)

(ETA: this did blow away my local db and I had to do a pull from the remote environment, but nothing else was working)

+1
plousia on Aug 11, 2020

it happened to me and the output of ddev exec ls -lR /mnt/ddev-global-cache/mkcert is Project is paused. Run ‘ddev start’ to start it.

However start will fail because of the failure of ddev-router.

docker volume rm ddev-global-cache helped me though

+1
Martin-Ernst on Jul 30, 2020
Read more comments on GitHub
← ddev: Update PHP 8 uploadprogress "Missing arginfo for uploadprogress_get_info()"
ddev: With magento (1) in htdocs subdirectory, creation of local.xml failed or in wrong location →