Hello. Initially I just wanted to set up a Minecraft server for some family over Christmas, but then I noticed I’m having issues with Container Station failing to get certificates from anything online. This is preventing me from making any container of any kind.
Here’s my error:
Background task error for create minecraft-server-1: error pulling image configuration: Get https://production.cloudflare.docker.com/registry-v2/docker/registry/v2/blobs/sha256/[string of info, redacted for possible privacy issues]version=2: x509: certificate signed by unknown authority
I’ve googled this up and down but nothing matches my exact issue and it’s driving me mad. My NAS is directly connected to my router. I’m very new to owning a NAS, so I assume I’ve done something wrong?
So a couple of questions - Are you working inside Container Station to create the docker container? Can you post your YAML file you are using? Give us some more steps for what you are tying to do.
I’ve seen issues with some Docker packages online. I’ve got one that I use for an application and every time I try to download the very latest, I get an error that there’s no file to download. I’ve even tried it in Docker Desktop on my computer and get the same thing. So maybe like me, there’s an issue with the particular package you are trying to download.
I’m just trying to use the Container Station app to install any Minecraft docker. I’ve tried my way down the entire list available and all give me the same error. For more clarification, I am running a TS-670 Pro (which I believe to be EOL), running my latest available firmware (4.3.6.2805), with Container Station version 2.0.957.
I upgraded the CPU to an i7 3770S and put in 8GB of RAM.
What I’m doing exactly:
Opening Container Station
Clicking on “Create”
Install a Minecraft image (kitematic/minecraft’s version in this case)
Auto start off, CPU 50%, RAM 4gbs.
Click “Create”
Get the afformentioned error.
I’m not using any YAML to make this - I’m looking into that now - but I’m thinking this is just an EOL issue and QNAP’s old defaults are outdated and causing errors.
OK. It might be your old Container Station version. The current version is 3.1. You probably can’t install that on the older QTS version.
I just tried installing Minecraft on my TS-873A and it installed and started up in like a minute. So the package is good and Container Station (the latest version at least) is good.
I was concerned this was the case. I guess I’m out of luck unless QNAP bless us EOL users with newer Container Station versions.
The thing is, I’m pretty sure it will work if I can get past this irritating cert screen. I just have to learn how to run docker through SSH to bypass any cloudflare issues.
You might be able to use YAML code to create the container manually. I don’t know. Or you could create a Linux VM, download Docker Desktop and run the container inside the Linux VM.
While I did necessarily need a Minecraft server, I am a terribly stubborn person and knew this issue was simply a matter of bypassing the cloudflare cert. After some digging, I can confirm that you can bypass the cloudflare key.
Open Container Station
Click on “Images”
Click on “Pull” (top right)
Click on “Add”
Name: Whatever you please. (I put “Docker_Hub_New”)
IMPORTANT! Un-tick the “Trust SSL Self-Signed Certificate” option
Click “Test” just to make sure everything works. You should see a green tick
You can leave “Set to default” checked if you wish
Click “Add”
Now all you need to do is find your docker image and image version (in my case it was itzg/minecraft-server), select your new registry, and click “Pull”. It should download like normal, no need for any certs.
You will need to do this for all new containers, but it’s better than not having any at all.
I found this out in perhaps the most contrived way possible. I knew the docker URL or Cloudflare key was likely in some form of database, so I looked for any storage file like a json or sql file. Sure enough, I found an sqllite file. It pointed towards registry.hub.docker, so I simply added my own rows to this and changed “require key” to “0”. After this worked, I attempted to add it in “pull” and that also worked. Thankfully no one has to edit sql files!
Anyway, I’m hoping this helps someone out there facing the same issues that I am. It’s a surprisingly simple solution for something that was a big headache for a few days…
Thank you for sharing. I wonder if this is an older Container Station setting. I’ve never seen the SSL Self-Signed Certificate option. I don’t think this is in newer version of Container Station (I could be wrong but don’t remember seeing it).
According to our internal team’s analysis, this situation is primarily due to the model being an older version. If it were a newer model, the process would be much simpler.
If you are interested in a trade-in (upgrade), please feel free to contact us. Thank you!