AWS Tutorial - Pushing Docker Image to AWS ECR error x509

Question

I'm working towards through the AWS Build a Modern Web Application project and have come across a problem at Module 2B part 1C (Confusing but will make sense if you go to the link).

Command used:

$ docker push muhammad.h.mughal.dkr.ecr.us-east-1.amazonaws.com/mythicalmysfits/service:latest

I can't seem to push the docker image I have created. The error reads:

    The push refers to repository [muhammad.h.mughal.dkr.ecr.us-east-1.amazonaws.com/mythicalmysfits/service]
Get https://muhammad.h.mughal.dkr.ecr.us-east-1.amazonaws.com/v2/: x509: certificate is valid for *.dkr.ecr.us-east-1.amazonaws.com, not muhammad.h.mughal.dkr.ecr.us-east-1.amazonaws.com

I thought it would be a simple task however I have been stuck on this for a while now and am reaching out. If you need more information please let me know.

Answer 1

You're getting this error because the name you're using for the repository, muhammad.h.mughal, has . periods in it.

You'll note the host you're referring to is muhammad.h.mughal.dkr.ecr.us-east-1.amazonaws.com but the certificate is for *.dkr.ecr.us-east-1.amazonaws.com. * in this context ( ssl certificate Common Names) matches only one domain component. By adding a . in your naming, you've inadvertently created a domain name with 3 domain components (muhammad,h,and mughal), invalidating ssl certificate of ECR.

The solution, though drastic, is simple - delete the repo. That name will never work correctly, and now is the time to start over.