Error by trying installing docker repository on linux ubuntu 18.04 LTS

Question

Sorry the language is german.

So I added the repository of the docker:

sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"

But I get Errors when I update the sources:

sudo apt-get update

Ign:3 https://download.docker.com/linux/ubuntu bionic InRelease

Fehl:4 https://download.docker.com/linux/ubuntu bionic Release
Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown. Could not handshake: Error in the certificate verification. [IP: 54.230.93.95 443]

Holen:5 http://archive.ubuntu.com/ubuntu bionic-backports InRelease [74,6 kB]

OK:6 http://archive.ubuntu.com/ubuntu bionic-security InRelease

Paketlisten werden gelesen... Fertig E: Das Depot »https://download.docker.com/linux/ubuntu bionic Release« enthält keine Release-Datei.

N: Eine Aktualisierung von solch einem Depot kann nicht auf eine sichere Art durchgeführt werden, daher ist es standardmäßig deaktiviert.

N: Weitere Details zur Erzeugung von Paketdepots sowie zu deren Benutzerkonfiguration finden Sie in der Handbuchseite apt-secure(8).

Answer 1

For those still having this issue, here is a solution which I gleaned from the Ubuntu manpages.

The OP's post indicates a certificate verification error:

Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown. Could not handshake: Error in the certificate verification. [IP: 54.230.93.95 443]

I was having similar issues on a VM which sits behind a corporate proxy. The proxy acts as a man-in-the-middle, decrypting and re-encrypting traffic as it flows through the proxy. Even though I had the trusted certificate installed on my VM for the proxy, this error was still happening, caused by an invalid OCSP response. To fix it, I ran this command:

touch /etc/apt/apt.conf.d/99verify-peer.conf \
&& echo >>/etc/apt/apt.conf.d/99verify-peer.conf "Acquire { https::Verify-Peer false }"

This disables apt's OCSP verification, and is not recommended.

I chose a different solution, which may not be available to others. Our company maintains a non-decrypting proxy for use cases like this, so I switched to using it.