minishift: 'minishift start' fails when behind https proxy

I think this might be related to #391 but I’m not sure. In any event, i know that I am behind a corporate proxy server, so the HTTPS certificates that will come back aren’t going to match anything OOTB:

$  minishift start                          
-- Checking if KVM driver is installed ...    
   Driver is available at /usr/bin/docker-machine-driver-kvm ...                            
   Checking driver binary is executable ... OK                                              
-- Checking if Libvirt is installed ... OK    
-- Checking if Libvirt default network is present and active ... OK                         
-- Starting local OpenShift cluster using 'kvm' hypervisor ...                              
-- Starting Minishift VM ............... OK   
-- Checking for IP address ... OK             
-- Checking if external host is reachable from the Minishift VM ...                         
   Pinging 8.8.8.8 ... FAIL                   
   VM is unable to ping external host         
-- Checking HTTP connectivity from the VM ...                                               
   Retrieving http://minishift.io/index.html ... FAIL                                       
   VM cannot connect to external URL with HTTP                                              
-- Checking if persistent storage volume is mounted ... OK                                  
-- Checking available disk space ... 0% used OK                                             
-- OpenShift cluster will be configured with ...                                            
   Version: v3.6.0                            
-- Checking `oc` support for startup flags ...                                              
   host-volumes-dir ... OK                    
   http-proxy ... OK                          
   https-proxy ... OK                         
   no-proxy ... OK                            
   routing-suffix ... OK                      
   host-config-dir ... OK                     
   host-data-dir ... OK                       
   host-pv-dir ... OK                         
Starting OpenShift using openshift/origin:v3.6.0 ...                                        
Pulling image openshift/origin:v3.6.0         
-- Checking OpenShift client ... OK           
-- Checking Docker client ... OK              
-- Checking Docker version ... OK             
-- Checking for existing OpenShift container ... OK                                         
-- Checking for openshift/origin:v3.6.0 image ...                                           
   Pulling image openshift/origin:v3.6.0      
FAIL                                          
   Error: error pulling Docker image openshift/origin:v3.6.0                                
   Caused By:                                 
     Error: Error while pulling image: Get https://index.docker.io/v1/repositories/openshift/origin/images: x509: certificate signed by unknown authority                               
Error during 'cluster up' execution: Error starting the cluster.

About this issue

  • Original URL
  • State: closed
  • Created 7 years ago
  • Comments: 20 (15 by maintainers)

Most upvoted comments

I use privoxy as local forwarding proxy (instead of the unmaintained polipo and without the privacy options enabled) and it listens to the virtualbox network addresses, eg. 192.168.56.1:3128.

when I set the http_proxy / https_proxy environement variables to http://192.168.56.1:3128 BEFORE starting minishift for the first time, then it is able to pull all necessary images.

+2
ckolumbus on Oct 12, 2017

You could try this workaround as a temporary fix: https://stackoverflow.com/questions/21181231/server-certificate-verification-failed-cafile-etc-ssl-certs-ca-certificates-c/21181447#21181447

+1
andrew-rosca on Jan 11, 2019
Read more comments on GitHub
← minishift: minishift start fails contacting Github to download oc
minishift: minishift start fails with various errors when ~/.kube exists →