Docker-Machine commands timeout TLS handshake but Dock Swarmer working ok

Hypothesis

My guess is that the time inside your docker client VM is out of sync with the digital ocean server, and it is causing TLS handshake to fail. Try syncing the clock by running this command on your mac:

$ docker run --rm --privileged alpine hwclock -s

That command will set the clock inside the VM to the clock on your mac using the hwclock command. It needs privileged access because the container needs to read the time from the host hardware.

Explanation

The docker client on your mac is running inside a thin VM. The timing of the clock in the VM can get out of sync with the time on your mac and the time of the outside world, especially if you are using docker on a laptop that is allowed to sleep. That time de-sync can cause issues with any operations that need to know the time that events happened on the docker server (inside the VM) and compare that to events that happened outside the docker server. I suspect the TLS handshake with digital ocean is one such operation.

I experienced problems with docker's events not behaving the way I expected. After a long thread in the docker repository's issues section (moby/moby#25579) we figured out that the clock de-syncing was the cause.