To resolve this issue, provide the intermediate and root certificates by passing the certificate bundle file's path to the ca_certs key in the pluginConfig
Opened this issue · 1 comments
Hi,
I am trying out Notary.
https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/container-registry/container-registry-tutorial-sign-build-push.md
following the link
when I run this command
notation sign --signature-format cose --key $KEY_NAME $IMAGE
I get the below error.
Error: generate-signature command failed: VALIDATION_ERROR: Failed to build the X509 chain up to the root certificate. The provided certificate bundle either does not match or does not contain enough certificates to build a complete chain. To resolve this issue, provide the intermediate and root certificates by passing the certificate bundle file's path to the ca_certs key in the pluginConfig
can you please let me know how to fix it. I don't see pluginConfig in
/root/.config/notation
@lohithabc Thanks for reporting this issue. This issue is related to Notation CLI and Notation plugin, so would you mind moving this issue to Notationrepo?
We also need more information from you:
- Notation and Notation AKV plugin version
We had similar bug before, so please make sure you are using the latest version of Notation AKV plugin