x509 error when using HTTPS inside a Docker container

If you are getting a 'x509: failed to load system roots and no roots provided' error when you run an HTTPS from inside a container, this might help.

This issue can happen if the base image used to build your Docker container does not have the CA certificates. Here is how it can be reproduced:

FROM ubuntu:14.04.1  
CMD curl https://www.google.com  

Running this container might generate something like this:

x509: failed to load system roots and no roots provided  

The reason for this is that the base image (ubuntu:14.04.1 in this case) does not have the root CA certificates installed. The solution is easy enough. Install them as part of your image build:

FROM ubuntu:14.04.1

RUN apt-get update  
RUN apt-get install -y ca-certificates

CMD curl https://www.google.com  

Khash Sajadi

Khash is the founder and CEO of Cloud 66, a full stack container management as a service. Follow him on @khash

London, UK and San Francisco, US
Subscribe and get updates

Have feedback? Please get in touch @cloud66 on Twitter.

Everything you need to build, manage and maintain containers in production on your own servers and any cloud

Try Cloud 66 — 14 Days Free Trial, No credit card required