diff -up docker-2a2f26c1979cdaed884c765ea3dd203543e7e284/registry/registry.go.entitlement docker-2a2f26c1979cdaed884c765ea3dd203543e7e284/registry/registry.go
--- docker-2a2f26c1979cdaed884c765ea3dd203543e7e284/registry/registry.go.entitlement	2014-10-30 12:47:19.638087268 -0400
+++ docker-2a2f26c1979cdaed884c765ea3dd203543e7e284/registry/registry.go	2014-10-30 12:48:30.778233169 -0400
@@ -91,12 +91,6 @@ func doRequest(req *http.Request, jar ht
 	if err != nil && !os.IsNotExist(err) {
 		return nil, nil, err
 	}
-	hostDir = path.Join(" /etc/pki/entitlement", req.URL.Host)
-	if fs1, err := ioutil.ReadDir(hostDir); err == nil {
-		for _, f := range fs1 {
-			fs = append(fs, f)
-		}
-	}
 
 	var (
 		pool  *x509.CertPool
@@ -124,33 +118,6 @@ func doRequest(req *http.Request, jar ht
 				cert, err := tls.LoadX509KeyPair(path.Join(hostDir, certName), path.Join(hostDir, keyName))
 				if err != nil {
 					return nil, nil, err
-				}
-				certs = append(certs, &cert)
-			}
-		}
-		if strings.HasSuffix(f.Name(), ".key") {
-			keyName := f.Name()
-			certName := keyName[:len(keyName)-4] + ".cert"
-			if !hasFile(fs, certName) {
-				return nil, nil, fmt.Errorf("Missing certificate %s for key %s", certName, keyName)
-			}
-		}
-		if strings.HasSuffix(f.Name(), ".pem") {
-			if strings.HasSuffix(f.Name(), "-key.pem") {
-				keyName := f.Name()
-				certName := keyName[:len(keyName)-len("-key.pem")] + ".pem"
-				if !hasFile(fs, certName) {
-					return nil, nil, fmt.Errorf("Missing certificate %s for key %s", certName, keyName)
-				}
-			} else {
-				certName := f.Name()
-				keyName := certName[:len(certName)-len(".pem")] + "-key.pem"
-				if !hasFile(fs, keyName) {
-					return nil, nil, fmt.Errorf("Missing key %s for certificate %s", keyName, certName)
-				}
-				cert, err := tls.LoadX509KeyPair(path.Join(hostDir, certName), path.Join(hostDir, keyName))
-				if err != nil {
-					return nil, nil, err
 				}
 				certs = append(certs, &cert)
 			}