axel

Hi Markus, I wrote a simple script that build a json with the container data (https://github.com/containers/image/blob/master/docs/containers-signature.5.md), sign it with signserver and a pgp worker (data with an attached signature) and upload it to a server. I used this guide to undestand the process and I adapted the signing part to include signserver instead of using podman. Regards, Axel

Hi Markus, I'm sorry, the issue was on my side, my identity forwarding wasn't properly configured for openID. Thanks for your help Regards, Axel

Hello, I want to use an apache reverse proxy to do authentication with ldap/openid and use the Username Authorizer to control the access to the workers. I successfully installed the reverse proxy and I can forward the identity of the users to signserver. However, if a user tries to sign with a worker he is not allowed to use, an authentication pop-up will appear and entering the username of someone allowed to use this worker will sign the file, instead of redirecting to a page reading "Authorization...

Hello, I want to sign containers with SignServer. I saw in the documentation that we can use client side hash signing to do it but I want something compatible with popular containers' runtimes (containerd, podman, CRI-O) and not have to do some openssl/openPGP commands to verify the signature. Is it possible with SignServer at the moment ? If not, are you thinking about implementing this feature ? What's your point of view about this ? Thanks a lot in advance. Regards.