RSA modulus is not a positive number

Solution In Progress - Updated -


We are seeing this issue trying to eval OpenShift V3 training examples. Steps to reproduce...
Configure docker to access external registries using OurCompany's web proxy config, e.g., in /etc/sysconfig/docker:

OPTIONS='--insecure-registry= --selinux-enabled'

Try a docker pull that goes to, for example:

# docker pull openshift/hello-openshift

Observe error:

Trying to pull repository ... not found
Trying to pull repository ... failed
FATA[0002] Get tls: failed to parse certificate from server: x509: RSA modulus is not a positive number 

Other observations.
Using curl from the same box to access the same resource works, for example:

# curl -s -k -D - -x | head
HTTP/1.1 200 Connection established

HTTP/1.1 200 OK
Server: nginx/1.6.2
Date: Wed, 15 Jul 2015 20:18:10 GMT
Content-Type: application/json
Transfer-Encoding: chunked

Can you help me figure out is this a bug in the way go parses certs (since curl works fine with same cert) or is there something actually wrong or non-standard about the MITM cert that I can take back to our firewall overlords? In the meantime, any ideas on how to work around this?


  • Red Hat Enterprise Linux 7.1

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In