Prisma cloud compute is not scanning harbor registry images after configuration

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Prisma cloud compute is not scanning harbor registry images after configuration

L0 Member

Failed to pull image test/share-app:1.0.377, error error initializing source docker://harbor-d.xyz.com/test/share-app:1.0377:error pinging docker registry harbor-d.xyz.com: Get "https://harbor-d.xyz.com/v2/"x509: certificate signed by uninown authority

 

Hi I am actually configured prisma cloud compute with harbor registry.

Defenders are there when I've clicked on scan it is scanning the images but I went to see results Monitor> Vulnerabilities > Images > Registries 

I can see the above error. If anyone knows the solution please let me know.

 

Thanks,

Ganesh.

 

 

 

 

1 REPLY 1

L1 Bithead

Hi,

I am looking old questions to answer and I apologize that this question went unanswered.

 

The error "x509: certificate signed by unknown authority" sounds like an issue with pulling the image in general. Assuming you are using docker. I recommend attempting to pull the image manually ($ docker pull). The defender will interact with the underlying docker daemon to pull the image but ultimately the docker daemon is going to pull the image. 

 

I've seen similar errors with $docker pull if you try to connect to an insecure registry. I've had to configure the docker daemon to permit connecting to insecure registries before $docker pull would work. 

https://docs.docker.com/registry/insecure/

 

If you are able to pull manually, then the defender should be able to pull the image as well. If not, collect defender and console logs for review. They are located in the /var/lib/twistlock/log directory

 

  • 1550 Views
  • 1 replies
  • 0 Likes
  • 46 Subscriptions
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!