True, I finally broke down and just added "--insecure-registry" (it's just a cert verification issue, the connection is secure regardless). Will try again later, sounds like they're planning major registry changes anyway.
Anyway, while the S3-backed private registry is kinda slow, it works and it's literally a single docker run. I'm not sure how it could be simpler.
https://github.com/docker/docker-registry/blob/master/ADVANC...
https://github.com/docker/docker-registry/issues/541