something is not merge-able with this code ;)

@crosbymichael: Ha, this thing moves so fast. Rebased again!

LGTM

@crosbymichael Good catch, I've changed it

@discordianfish After more testing the client does not work with the unix socket because we are still serving https over the unix socket and the client gets malformed responses.

I think we should update the client to work with https also no matter the protocol.

@crosbymichael I'm working in another branch on https client which fixes this problem as well. Maybe it's easier to just close this "https server" PR and I'll open a new PR with both client and server changes. Guess this PR here alone doesn't make much sense anyway.

As discussed in IRC: Will close this in favor of a new PR including https support for client and server.

@discordianfish and/or @crosbymichael...

so just to level-set on what i believe to be true right now --> there is no way to use the docker CLI to push images to a private registry which is using SSL correct?

what i have is a private docker registry being fronted by nginx. nginx is in turn setup to use self-signed certificates for SSL. i cannot get a docker push <private_ssl_repo_tag> to work with 0.7.0 docker. when i do the push i get an error like this from the docker CLI:

[debug] registry.go:130 Registry https://MY_IP:443/v1/ does not work (Get https://MY_IP:443/v       1/_ping: x509: cannot validate certificate for MY_IP because it doesn't contain any IP SANs), falling        back to http

my cert does in fact contain valid SAN IP and DNS -- i double checked by dumping it to text with openssl -text.... moreover i tested with curl --cacert ... and it works when i can specify the client side cert.

IMHO it seems like the docker CLI should support:

• ability to pass in an option to not validate the server cert. most tools support this with an option like -insecure or similar.
• ability to specify the cert to use from the docker client... for example docker -cert /path/to/certfile push yadda

i was hoping i could use unix sockets with socat to hack around this issue short term, but it appears a docker push does not use the -H option (i.e. client CLI example here: http://jpetazzo.github.io/2013/10/20/secure-connection-docker-api/)

thanks