I am following the official documentation here, with Mender HOSTED
And have used all of the default values provided in the code snippets as I just want to get the image running locally, then I will look to configure it with the actual certificates.
I have a Mender Enterprise Trial, and my account is configured as the Administrator, and I am using the Mender Hosted Service.
This is the step that fails:
docker run \
-p 443:8080 \
-e MTLS_MENDER_USER="$MTLS_MENDER_USER" \
-e MTLS_MENDER_PASS="$MTLS_MENDER_PASS" \
-e MTLS_MENDER_BACKEND=$MTLS_MENDER_BACKEND \
-e MTLS_DEBUG_LOG=true \
-v $(pwd)/server-cert.pem:/etc/mtls/certs/server/server.crt \
-v $(pwd)/server-private.key:/etc/mtls/certs/server/server.key \
-v $(pwd)/ca-cert.pem:/etc/mtls/certs/tenant-ca/tenant.ca.pem \
registry.mender.io/mendersoftware/mtls-ambassador:mender-master
The error is:
Unable to find image 'registry.mender.io/mendersoftware/mtls-ambassador:mender-master' locally
docker: Error response from daemon: Head "https://registry.mender.io/v2/mendersoftware/mtls-ambassador/manifests/mender-master": no basic auth credentials.
See 'docker run --help'.
I have reviewed the suggestions in the following threads:
- Understanding mutual TLS - General Discussions - Mender Hub
- Mutual TLS with mender - Get Started - Mender Hub
- Issue with Mender Client Certificate/Mutual TLS tutorial or setup - General Discussions - Mender Hub
Running docker login registry.mender.io and entering my admin credentials returns the following error:
Error response from daemon: login attempt to https://registry.mender.io/v2/ failed with status: 401 Unauthorized
In one of the threads above it mentions having a separate account for the mtls authorization, but doesn’t provide any further details and I cannot see anything in the Mender portal to allow registry access.
Is someone able to provide guidance please.