I am running my official website and this blog on busybox docker containers. I noticed today that this image does not support certificate trust stores and therefore cannot request an SSL-enabled web services.

My website is using Google recaptcha to handle spam requests on its contact form. However, the website throws the following exception when recaptch API is requested:

x509: failed to load system roots and no roots provided

First approach would be to use COPY command to load the certificate store bundle in to the image.

I do not want to keep the certificates on docker image, so I fixed the issue by mounting the host’s certificate store in to the container file system.

The following command is solving the issue for me:


docker run -v $CERT_DIR:$CERT_DIR --name web -d busybox