The Docker CLI client will use TLS (and look for a certificate file) when DOCKER_TLS_VERIFY is set to ANY value. The docker-java library will always try to use TLS unless DOCKER_TLS_VERIFY=0. This is inconsistent and causes settings that work with docker-java to break usage of the Docker CLI client.