Add @ArikaChen's tip for using HTTPS proxy to pull

Docker-DCO-1.1-Signed-off-by: Sven Dowideit <SvenDowideit@docker.com> (github: SvenDowideit) Signed-off-by: Sven Dowideit <SvenDowideit@docker.com>
2015-01-05 10:53:39 +10:00 · 2015-01-05 10:53:39 +10:00 · 2b97e7c82e
parent fbe252581a
commit 2b97e7c82e
1 changed files with 16 additions and 0 deletions
--- a/docs/sources/reference/commandline/cli.md
+++ b/docs/sources/reference/commandline/cli.md
@ -377,6 +377,22 @@ flag to the Docker daemon as described above.
 Local registries, whose IP address falls in the 127.0.0.0/8 range, are automatically marked as insecure
 as of Docker 1.3.2. It is not recommended to rely on this, as it may change in the future.

+### Running a Docker daemon behind a HTTPS_PROXY
+
+When running inside a LAN that uses a `HTTPS` proxy, the Docker Hub certificates
+will be replaced by the proxy's certificates. These certificates need to be added
+to your Docker host's configuration:
+
+1. Install the `ca-certificates` package for your distribution
+2. Ask your network admin for the proxy's CA certificate and append them to
+   `/etc/pki/tls/certs/ca-bundle.crt`
+3. Then start your Docker daemon with `HTTPS_PROXY=http://username:password@proxy:port/ docker -d`.
+   The `username:` and `password@` are optional - and are only needed if your proxy
+   is set up to require authentication.
+
+This will only add the proxy and authentication to the Docker daemon's requests -
+your `docker build`s and running containers will need extra configuration to use
+the proxy

 ### Miscellaneous options