Solved: Unable to query docker version: Get https://192.168.99.100:2376/v1.15/version: x509: certificate is valid for 192.168.99.103, not 192.168.99.100

Today we will look at an interesting issue you will face if you stop the docker machines and then start them after physical machine reboot.
OR,
When IP address assigned to docker machines changes.

Issue Details

$ docker-machine ls
NAME           ACTIVE   DRIVER       STATE     URL                         SWARM   DOCKER    ERRORS
firstmanager   -        virtualbox   Running   tcp://192.168.99.100:2376           Unknown   Unable to query docker version: Get https://192.168.99.100:2376/v1.15/version: x509: certificate is valid for 192.168.99.103, not 192.168.99.100
worker1        -        virtualbox   Running   tcp://192.168.99.102:2376           Unknown   Unable to query docker version: Get https://192.168.99.102:2376/v1.15/version: x509: certificate is valid for 192.168.99.101, not 192.168.99.102
worker2        -        virtualbox   Running   tcp://192.168.99.101:2376           Unknown   Unable to query docker version: Get https://192.168.99.101:2376/v1.15/version: x509: certificate is valid for 192.168.99.102, not 192.168.99.101

$ docker-machine env firstmanager
Error checking TLS connection: Error checking and/or regenerating the certs: There was an error validating certificates for host "192.168.99.100:2376": x509: certificate is valid for 192.168.99.103, not 192.168.99.100
You can attempt to regenerate them using 'docker-machine regenerate-certs [name]'.
Be advised that this will trigger a Docker daemon restart which might stop running containers.

Solution
To solve this issue we need to regenerate the certificates for all those machines which are showing error message.

In my case, all machines are showing error message, hence i have regenerated the certificates for all machines below.


$ docker-machine regenerate-certs firstmanager
Regenerate TLS machine certs?  Warning: this is irreversible. (y/n): y
Regenerating TLS certificates
Waiting for SSH to be available...
Detecting the provisioner...
Copying certs to the local machine directory...
Copying certs to the remote machine...
Setting Docker configuration on the remote daemon...


$ docker-machine ls
NAME           ACTIVE   DRIVER       STATE     URL                         SWARM   DOCKER     ERRORS
firstmanager   -        virtualbox   Running   tcp://192.168.99.100:2376           v18.09.1   
worker1        -        virtualbox   Running   tcp://192.168.99.102:2376           Unknown    Unable to query docker version: Get https://192.168.99.102:2376/v1.15/version: x509: certificate is valid for 192.168.99.101, not 192.168.99.102
worker2        -        virtualbox   Running   tcp://192.168.99.101:2376           Unknown    Unable to query docker version: Get https://192.168.99.101:2376/v1.15/version: x509: certificate is valid for 192.168.99.102, not 192.168.99.101


$ docker-machine regenerate-certs worker1 worker2
Regenerate TLS machine certs?  Warning: this is irreversible. (y/n): t
01HW860271:docker saket1447583$ docker-machine regenerate-certs worker1 worker2
Regenerate TLS machine certs?  Warning: this is irreversible. (y/n): y
Regenerating TLS certificates
Waiting for SSH to be available...
Waiting for SSH to be available...
Detecting the provisioner...
Detecting the provisioner...
Copying certs to the local machine directory...
Copying certs to the local machine directory...
Copying certs to the remote machine...
Setting Docker configuration on the remote daemon...
Copying certs to the remote machine...
Setting Docker configuration on the remote daemon...

$ docker-machine ls
NAME           ACTIVE   DRIVER       STATE     URL                         SWARM   DOCKER     ERRORS
firstmanager   -        virtualbox   Running   tcp://192.168.99.100:2376           v18.09.1   
worker1        -        virtualbox   Running   tcp://192.168.99.102:2376           v18.09.1   
worker2        -        virtualbox   Running   tcp://192.168.99.101:2376           v18.09.1   
$ 

One Reply to “Solved: Unable to query docker version: Get https://192.168.99.100:2376/v1.15/version: x509: certificate is valid for 192.168.99.103, not 192.168.99.100”

  1. Mohammed

    I try this but it’s stuck on waiting for ssh to be available

    Regenerate TLS machine certs? Warning: this is irreversible. (y/n): y
    Regenerating TLS certificates
    Waiting for SSH to be available…

    Any help please ?

Leave a Reply

Your email address will not be published.