The best way to secure the Docker API is to use an SSL certificate, which requires a trusted root authority and can be managed by the client. The following steps outline how to set up the Docker Engine API for HTTPS:

Generate self-signed certificates using OpenSSL or similar tools. Create a Certificate Authority (CA) key pair — one public and one private — on your server running the CA service. Generate a certificate request from your server running the CA service, signed by your CA key pair. Import this signed certificate into your browser’s trust store as a trusted root authority for signing other certificates in future requests
https://t.co/5jvox954Zk