According to play-with-docker.com you can trust a self-signed cert by doing the following:
If you are running the registry locally, be sure to use your host name as the CN.
To get the docker daemon to trust the certificate, copy the domain.crt file.
mkdir /etc/docker/certs.d mkdir /etc/docker/certs.d/127.0.0.1:5000 cp $(pwd)/certs/domain.crt /etc/docker/certs.d/127.0.0.1:5000/ca.crt
Make sure to restart the docker daemon.
pkill dockerd dockerd > /dev/null 2>&1 &
The /dev/null part is to avoid the output logs from docker daemon.
Now we have an SSL certificate and can run a secure registry.
I haven’t tried this yet, as I am signing my local certs with my dev-ca that is trusted on system level.