I still have the same issue. None of the answers above seem to solve it. I have ubuntu 16.04, and I follow the steps described in https://docs.docker.com/install/linux/docker-ce/ubuntu/
I suspect it is related to an apt-get bug regarding https. The information being printed by apt-get is kind of misleading.
I think that Failed to fetch.. can also be translated as: problem accessing resource from within an https connection
How did I come to this conclusion:
First of all I am behind a corporate proxy so I have set the following configuration:
/etc/apt/apt.conf
Acquire::http::proxy "http://squidproxy:8080/";
Acquire::https::proxy "http://squidproxy:8080/";
Acquire::ftp::proxy "ftp://squidproxy:8080/";
Acquire::https::CaInfo "/etc/ssl/certs/ca-certificates.pem";
/etc/apt/apt.conf.d/99proxy
Acquire::http::Proxy {
localhost DIRECT;
localhost:9020 DIRECT;
localhost:9021 DIRECT;
};
I performed the following tests with differrent entries in sources.list
deb [arch=amd64] https://download.docker.com/linux/ubuntu xenial stable
sudo apt-get update
W: The repository 'https://download.docker.com/linux/ubuntu xenial Release' does not have a Release file.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: Failed to fetch https://download.docker.com/linux/ubuntu/dists/xenial/stable/binary-amd64/Packages
E: Some index files failed to download. They have been ignored, or old ones used instead.
Failure
deb [arch=amd64] http://localhost:9020/linux/ubuntu xenial stable
/etc/apache2/sites-enabled/apt-proxy.conf
# http to https reverse proxy configuration.
Listen 9020
<VirtualHost *:9020>
SSLProxyEngine On
# pass from squid proxy
ProxyRemote https://download.docker.com/ http://squidproxy:8080
ProxyPass / https://download.docker.com/
ProxyPassReverse / https://download.docker.com/
ErrorLog ${APACHE_LOG_DIR}/apt-proxy-error.log
CustomLog ${APACHE_LOG_DIR}/apt-proxy-access.log combined
</VirtualHost>
sudo apt-get update
Hit:1 ..
Hit:2 ..
...
Hit:7 http://localhost:9020/linux/ubuntu xenial InRelease
Get:8 ...
Fetched 323 kB in 0s (419 kB/s)
Reading package lists... Done
Success
deb [arch=amd64] https://localhost:9021/linux/ubuntu xenial stable
/etc/apache2/sites-enabled/apt-proxy.conf
# https to https revere proxy
Listen 9021
<VirtualHost *:9021>
# serve on https
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
SSLProxyEngine On
# pass from squid proxy
ProxyRemote https://download.docker.com/ http://squidproxy:8080
ProxyPass / https://download.docker.com/
ProxyPassReverse / https://download.docker.com/
ErrorLog ${APACHE_LOG_DIR}/apt-proxy-error.log
CustomLog ${APACHE_LOG_DIR}/apt-proxy-access.log combined
</VirtualHost>
sudo apt-get update
W: The repository 'https://localhost:9021/linux/ubuntu xenial Release' does not have a Release file.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: Failed to fetch https://localhost:9021/linux/ubuntu/dists/xenial/stable/binary-amd64/Packages
E: Some index files failed to download. They have been ignored, or old ones used instead.
Failure
In the above cases the url which apt-get Failed to fetch and also the Release file, were actually accessible from browser / wget / curl using the same proxy configuration.
The fact that apt-get worked only with http reverse proxy url, implies that there is some issue accessing resources from within an https connection.
I do not know what this issue is but apt-get should show a more informative message ( apt is even less verbose ).
Note: wiresharking case 1 showed that proxy
CONNECTwas successful, and no RST was sent, but of course the files could not be read.