You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When I tried to verify it without using a public key, it didn't work:
$ cosign verify image:tag@digest --certificate-identity 'CN=MY CN from certificate'
Error: --certificate-oidc-issuer or --certificate-oidc-issuer-regexp is required for verification in keyless mode
Is there any way to include this certificate so that my end user can verify it easily? Do I need a transparent log for this?
All advice is welcome.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
-
Hello everyone,
I really like Cosign, and I've been using it for over a year. Thanks!
I now have to use it with HSM hardware and I managed to compile it to use PKCS11 by following your documentation.
I sign a container image using the following command:
When I tried to verify it without using a public key, it didn't work:
Is there any way to include this certificate so that my end user can verify it easily? Do I need a transparent log for this?
All advice is welcome.
Beta Was this translation helpful? Give feedback.
All reactions