Docker Login Error "certificate signed by unknown authority" with VMware Harbor and UAA

Article ID: 298495


Products

VMware Tanzu Kubernetes Grid Integrated Edition

Issue/Introduction

Symptoms:

When you use the Docker CLI on an external client to log in to the VMware Harbor Registry by its correct FQDN hostname:

Example: $ docker login myharbor.domain.com

It fails with error:

Error response from daemon: Get https://myharbor.domain.com/v2/: x509: certificate signed by unknown authority.

 

Environment


Cause

Your local client does not have the certificate in its keychain (trust store), and/or the Docker server/client is not using it.

 

Resolution

Step 1: Locate your certificate for your VMware Harbor Registry from Operations Manager:

  • Browse to the Ops Manager Dashboard. Click on the tile for VMware Harbor Registry.
  • From the Settings tab, click on Certificate. Copy your certificate from the panel.
  • Create a cert.pem file and paste the certificate copied above into it.

The end result should be that your cert.pem file:

Starts with the following line:
-----BEGIN CERTIFICATE-----
And ends with the following line:
-----END CERTIFICATE----- 


Step 2: Add that cert.pem to your client operating system's trust store.

Here is the Mac example:

MAC OPTION (for Mac OS X only): If you use both the Docker App and the docker CLI on Mac OS X, you can add the certificate to the keychain from the terminal:

security add-trusted-cert -d -r trustRoot -k ~/Library/Keychains/login.keychain ./cert.pem

MAC OPTION (continued): Then quit and restart your local Docker App.
 

Step 3: Retry logging in to VMware Harbor Registry:

docker login myharbor.domain.com
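
A check that can be run on cert.pem between Step 1 and Step 2, before the file is trusted system-wide: it catches copy/paste damage, prints the SHA-256 fingerprint of what is about to be trusted, and tests whether the registry's TLS chain verifies with only that file as trust anchor. This is an added example, not part of the original article; the names inspect_pem, registry_trusts and SAMPLE are hypothetical, and SAMPLE is a constructed placeholder, not a real certificate.

```python
import base64, binascii, hashlib, re, socket, ssl, sys

PEM_BLOCK = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.*?)\r?\n-----END \1-----", re.S)
# Constructed sample: a 5-byte DER SEQUENCE in PEM armor, NOT a real certificate.
SAMPLE = "-----BEGIN CERTIFICATE-----\nMAMCAQE=\n-----END CERTIFICATE-----\n"

def inspect_pem(text):
    """Return (problems, sha256_fingerprints) for the pasted cert.pem contents."""
    problems, prints = [], []
    stripped = text.strip()
    if not stripped.startswith("-----BEGIN CERTIFICATE-----"):
        problems.append("first line is not -----BEGIN CERTIFICATE-----")
    if not stripped.endswith("-----END CERTIFICATE-----"):
        problems.append("last line is not -----END CERTIFICATE-----")
    blocks = PEM_BLOCK.findall(text)
    if not blocks:
        problems.append("no complete PEM block found")
    for label, body in blocks:
        if label != "CERTIFICATE":  # e.g. a private key pasted by mistake
            problems.append(f"unexpected PEM block: {label}")
            continue
        try:
            der = base64.b64decode("".join(body.split()), validate=True)
        except binascii.Error:
            problems.append("body is not valid base64 (truncated or altered paste?)")
            continue
        if not der.startswith(b"\x30"):  # a DER certificate starts with a SEQUENCE tag
            problems.append("decoded body does not look like DER")
            continue
        prints.append(hashlib.sha256(der).hexdigest())
    return problems, prints

def registry_trusts(host, cafile, port=443, timeout=5):
    """True if host's TLS chain and hostname verify using only cafile as trust anchor."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)  # CERT_REQUIRED, no system CAs loaded
    try:
        ctx.load_verify_locations(cafile=cafile)
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with ctx.wrap_socket(sock, server_hostname=host):
                return True
    except (ssl.SSLError, OSError):  # also covers unreadable file and network errors
        return False

if __name__ == "__main__":
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    print(inspect_pem(text))
    if len(sys.argv) > 2:  # e.g. cert.pem myharbor.domain.com
        print("verifies with this file only:", registry_trusts(sys.argv[2], sys.argv[1]))
```

With no arguments the script runs on the constructed sample; given a file path and a hostname it inspects the file and then attempts the handshake.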