I configured insecure registry by self singed certificate.After providing user name and password , getting error message as " Error response from daemon: Get https://ip address:5000/v1/users/: x509: certificate signed by unknown authority".

Execute following steps to docker registry with private certificates:

1. Generate private SSL Certificate with following command. This will create certs folder with two file domain.crt, domain.key

   openssl req -newkey rsa:4096 -nodes -sha256 -keyout certs/domain.key  -x509 -days 365 -out certs/domain.crt
   

2. Start docker registry with following command:

   docker run -d -p 5000:5000 --restart=always --name registry \
   -v `pwd`/certs:/certs \
   -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt \
   -e REGISTRY_HTTP_TLS_KEY=/certs/domain.key \
   registry:2
   

3. On another machine where you want to pull the images, copy

   certs/domain.crt

   file to

   /etc/docker/certs.d/<<DockerRegistryServerHostname>>:<<DockerRegistryPort>>/ca.crt

   Make sure the name of certificate file is ca.crt (not domain.crt).

   For example, if docker registry IP address is docker.registry and port is 5000 then folder name will be

   /etc/docker/certs.d/docker.registry:5000/

4. Now run docker pull command. You should not face any issue.