Cosign giving error signing ECR images. Keyless signing with github repo certificate using git_ref


I am getting the error below when signing images using cosign. It used to work, but it seems to not be working anymore. I use keyless mode to sign these images, and from the error it looks like the private/public key used by Fulcio is now failing to be used.

getting signer: getting key from Fulcio: getting CTFE public keys: updating local metadata and targets: error updating to TUF remote mirror: invalid key
remote status:{
    "mirror": "https://sigstore-tuf-root.storage.googleapis.com",
    "metadata": {
        "root.json": {
            "version": 9,
            "len": 6766,
            "expiration": "12 Sep 24 06:53 UTC",
            "error": ""
        },
        "snapshot.json": {
            "version": 132,
            "len": 2302,
            "expiration": "09 Apr 24 16:16 UTC",
            "error": ""
        },
        "targets.json": {
            "version": 9,
            "len": 5478,
            "expiration": "12 Sep 24 06:13 UTC",
            "error": ""
        },
        "timestamp.json": {
            "version": 169,
            "len": 723,
            "expiration": "26 Mar 24 16:16 UTC",
            "error": ""
        }
    }
}

There is 1 answer

Tayfun On

I'm getting the same error too. You can fix it using the following cosign config:

uses: sigstore/[email protected]
with:
  cosign-release: 'v2.2.2' # optional
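
A triage helper for the `remote status:` block that cosign prints with this error, added here as an example and not part of the original question or answer: it extracts the JSON from a CI log and reports each TUF role's version, per-role error and expiry, so expired or erroring mirror metadata can be ruled in or out before changing the cosign version. The function names, the trailing log line and the `now` value are assumptions made for illustration.

```python
import json
from datetime import datetime, timezone

# Sample input: the error text quoted in the question (JSON compacted).
# The final "Error: ..." line is constructed to stand in for trailing CI output.
SAMPLE_LOG = """getting signer: getting key from Fulcio: getting CTFE public keys: updating local metadata and targets: error updating to TUF remote mirror: invalid key
remote status:{
    "mirror": "https://sigstore-tuf-root.storage.googleapis.com",
    "metadata": {
        "root.json": {"version": 9, "len": 6766, "expiration": "12 Sep 24 06:53 UTC", "error": ""},
        "snapshot.json": {"version": 132, "len": 2302, "expiration": "09 Apr 24 16:16 UTC", "error": ""},
        "targets.json": {"version": 9, "len": 5478, "expiration": "12 Sep 24 06:13 UTC", "error": ""},
        "timestamp.json": {"version": 169, "len": 723, "expiration": "26 Mar 24 16:16 UTC", "error": ""}
    }
}
Error: signing failed
"""

def parse_remote_status(log_text):
    """Return the JSON object that follows 'remote status:' in the log."""
    marker = log_text.find("remote status:")
    if marker < 0:
        raise ValueError("no 'remote status:' block in input")
    start = log_text.index("{", marker)
    # raw_decode stops at the end of the first JSON value, so any log
    # lines after the closing brace are ignored.
    status, _ = json.JSONDecoder().raw_decode(log_text[start:])
    return status

def role_report(status, now):
    """List the metadata roles, soonest expiry first, flagging expired ones."""
    rows = []
    for role, meta in status["metadata"].items():
        # Timestamps look like "12 Sep 24 06:53 UTC" (two-digit year).
        expires = datetime.strptime(meta["expiration"], "%d %b %y %H:%M UTC")
        expires = expires.replace(tzinfo=timezone.utc)
        rows.append({"role": role, "version": meta["version"], "expires": expires,
                     "expired": expires <= now, "error": meta["error"]})
    return sorted(rows, key=lambda r: r["expires"])

if __name__ == "__main__":
    # Assumed time of the failed run (constructed; the question gives no date).
    now = datetime(2024, 3, 20, 12, 0, tzinfo=timezone.utc)
    for row in role_report(parse_remote_status(SAMPLE_LOG), now):
        state = "EXPIRED" if row["expired"] else "valid"
        print(f'{row["role"]:<15} v{row["version"]:<4} {state:<8} '
              f'expires {row["expires"]:%Y-%m-%d %H:%M} error={row["error"]!r}')
```
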