6

I'm using Docker In Docker for Jenkins Slaves in our CI Pipeline.

I have run into an issue regarding SSL. The issue is that Maven can't access artifacts located in our Nexus repo; it simply hangs.

I tried using curl for debugging.

Inside the DinD container, all is fine:

$ curl -I https://www.google.com
HTTP/1.1 200 OK

If however I run:

bash-4.3# curl -I --insecure  https://nexus.eng.myco.com/nexus
curl: (35) Unknown SSL protocol error in connection to nexus.eng.myco.com:443

it hangs for a long time and then I get this error:

curl: (35) Unknown SSL protocol error in connection to nexus.eng.myco.com:443

I can run the problematic curl statement one level up (in the docker container that is running the problem docker container), and all is good.

I should note that if I run the problematic DinD container on my laptop (not in DinD though), it has no issues.

Update with debug info:

bash-4.3#  curl -v -I https://nexus.eng.myco.com/nexus/content/groups/this>
*   Trying 54.164.137.27...
* Connected to nexus.eng.my.com (44.164.137.27) port 443 (#0)
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: none
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):

Any ideas?

David Maze
phil swenson

1 Answer

0

It's probably too late to answer, but I will put it here in case other strangers have a similar problem.
I would suggest checking the MTU in the parent and child containers.

ip addr | grep mtu

In case you see a difference in MTU, e.g.

3: eth0@if14: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1402 qdisc noqueue state UP group default
4: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default

it needs to be corrected to be the same.
e.g.

ip link set dev eth0 mtu 1500
  • Actually not, the Docker container MTU can be smaller than the host's; they should not be strictly identical. It's a known problem when you use Docker inside an OpenStack network. The default OpenStack MTU is too small, so the Docker MTU should be changed to 1450 at least. – Dmitrii Mar 14 '19 at 23:50
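
The MTU comparison from the answer, scripted as an added example (not part of the original answer or comment): it parses `ip` link lines and reports when the inner bridge's MTU is larger than the uplink's. The function names, the `eth0`/`docker0` pairing, and treating "inner larger than uplink" as the failure condition (following the comment) are assumptions of this example; the sample input is the two lines quoted in the answer.

```shell
#!/bin/sh
# Added example: compare the MTU of an inner bridge against its uplink.

# Sample input: the two `ip addr` lines quoted in the answer above.
SAMPLE='3: eth0@if14: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1402 qdisc noqueue state UP group default
4: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default'

# mtu_of IFACE: read `ip addr` / `ip -o link` lines on stdin, print IFACE's MTU.
mtu_of() {
    awk -v want="$1" '
        /^[0-9]+: / {
            name = $2
            sub(/:$/, "", name)     # "eth0@if14:" -> "eth0@if14"
            sub(/@.*/, "", name)    # "eth0@if14"  -> "eth0"
            if (name != want) next
            for (i = 3; i < NF; i++)
                if ($i == "mtu") { print $(i + 1); exit }
        }'
}

# check_mtu UPLINK INNER: read link lines on stdin.
# Returns 0 if INNER's MTU fits within UPLINK's, 1 if it is larger,
# 2 if either interface is missing from the input.
check_mtu() {
    links=$(cat)
    uplink_mtu=$(printf '%s\n' "$links" | mtu_of "$1")
    inner_mtu=$(printf '%s\n' "$links" | mtu_of "$2")
    if [ -z "$uplink_mtu" ] || [ -z "$inner_mtu" ]; then
        echo "UNKNOWN: could not read MTU for $1 and/or $2"
        return 2
    fi
    if [ "$inner_mtu" -gt "$uplink_mtu" ]; then
        echo "MISMATCH: $2 mtu $inner_mtu > $1 mtu $uplink_mtu"
        return 1
    fi
    echo "OK: $2 mtu $inner_mtu <= $1 mtu $uplink_mtu"
}

# Run against the sample; on a live host use: ip -o link | check_mtu eth0 docker0
printf '%s\n' "$SAMPLE" | check_mtu eth0 docker0 || true
```
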