"oc adm verify-image-signature" fails due to x509: certificate signed by unknown authority
Issue
oc adm verify-image-signature
always fails withx509: certificate signed by unknown authority
error.
# oc adm verify-image-signature sha256:xxx --expected-identity=docker-registry.default.svc:5000/test-project/centos --public-key /root/.gnupg/pubring.gpg
error verifying signature sha256:xxx@xxx for image sha256:xxx (verification status will be removed): failed to get image "sha256:xxx" manifest: Get https://docker-registry.default.svc:5000/v2/: x509: certificate signed by unknown authority
... snip ...
- How to specify cert for
expected-identity
likedocker-registry.default.svc
?
Environment
- OpenShift Container Platform
- 3.x
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.