Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Offline verification #3963

Open
zetti12345 opened this issue Dec 12, 2024 · 0 comments
Open

Offline verification #3963

zetti12345 opened this issue Dec 12, 2024 · 0 comments
Labels
question Further information is requested

Comments

@zetti12345
Copy link

Question
Hi

I try to do an offline verification on my signed container with cosign. I followed the description in the Readme.md first to save the image with cosign save ....
Afterwards I try to verify my image like this:

cosign verify --certificate-identity [email protected] --certificate-oidc-issuer-regexp * --offline=true --local-image ./path

And always get following error:

Error: no matching signatures: error verifying bundle: verifying bundle: rekor log public key not found for payload
main.go:74: error during command execution: no matching signatures: error verifying bundle: verifying bundle: rekor log public key not found for payload

I am using cosign version 2.4.0

Can you please describe met what I am doing wrong as documentation is not really helping me?

Thx for your help
Peter
@zetti12345 zetti12345 added the question Further information is requested label Dec 12, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@zetti12345