How to verify on different machine? #861

Furisto · 2024-01-09T15:47:13Z

Furisto
Jan 9, 2024

I am using the AWS Signer plugin to sign a container image like so:
notation sign myimage:foobar --plugin "com.amazonaws.signer.notation.plugin" --id arn:aws:signer:eu-central-1:12345678:/signing-profiles/furisto_test

I can verify the signature on the machine where I signed the image successfully with:
notation verify myimage:foobar

How would this work when I try to do the verification on a different machine? The above command will obviously fail because the key is not present. I do not see an option to specify that the AWS signer plugin should be used during verification. Is the idea that notation key add should be used? Then how do I specify the key during verification? Basically what is the workflow to verify a signature after I have signed the image from a different machine?

Answered by Furisto

Jan 9, 2024

Figured it out. The issue was actually that the plugin silently failed because it was missing the AWS region.

View full answer

Furisto · 2024-01-09T16:39:39Z

Furisto
Jan 9, 2024
Author

Figured it out. The issue was actually that the plugin silently failed because it was missing the AWS region.

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

How to verify on different machine? #861

{{title}}

Replies: 1 comment

{{title}}

Select a reply

How to verify on different machine? #861

Furisto Jan 9, 2024

Replies: 1 comment

Furisto Jan 9, 2024 Author

Furisto
Jan 9, 2024

Furisto
Jan 9, 2024
Author