Verification error: Not issued by a trusted root error
raulcabello opened this issue · 1 comments
raulcabello commented
Description
Keyless verification is not working since the Fulcio Intermediate CA certificate was introduced, see sigstore/cosign#1774
This is the error I see:
INFO sigstore::cosign::signature_layers: Skipping OCI layer because of error error=CertificateValidityError("Not issued by a trusted root")
If the signature is stored in an OCI, the chain is stored in the annotation dev.sigstore.cosign/chain
Version
sigstore-rs v0.3.1
flavio commented
Assigned to @raulcabello, who is currently looking into that