You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
$ signy --tlscacert=/Users/trishank.kuppusamy/go/src/github.com/theupdateframework/notary/cmd/notary/root-ca.crt --server=https://localhost:4443 --log=debug sign testdata/cnab/bundle.json localhost:5000/cnab/helloworld:0.1.1
DEBU[0000] Fixing up bundle localhost:5000/cnab/helloworld:0.1.1
DEBU[0000] Updating entry in relocation map for "cnab/helloworld:0.1.1"
INFO[0000] Starting to copy image cnab/helloworld:0.1.1
INFO[0000] Failed to copy image cnab/helloworld:0.1.1: failed to do request: Head http://localhost:5000/v2/cnab/helloworld/blobs/sha256:58e6f39290459b6563b348052b2a1a8cf2a44fac19a80ae0da36c82a32f151f8: net/http: HTTP/1.x transport connection broken: malformed HTTP response "\x15\x03\x01\x00\x02\x02"
Error: failed to do request: Head http://localhost:5000/v2/cnab/helloworld/blobs/sha256:58e6f39290459b6563b348052b2a1a8cf2a44fac19a80ae0da36c82a32f151f8: net/http: HTTP/1.x transport connection broken: malformed HTTP response "\x15\x03\x01\x00\x02\x02"
Usage:
signy sign [file] [target reference] [flags]
Flags:
-h, --help help for sign
--in-toto Adds in-toto metadata to TUF. If passed, the root layout, links directory, and root kyes must be supplied
--layout string Path to the in-toto root layout file
--layout-key string Path to the in-toto root layout public keys
--links string Path to the in-toto links directory
--root-key string Root key to initialize the repository with
--thick Signs a thick bundle. If passed, only the signature is pushed to the trust server, not the bundle file
Global Flags:
-d, --dir string Directory where the trust data is persisted to (default "/Users/trishank.kuppusamy/.signy")
--log string Set the logging level ("debug"|"info"|"warn"|"error"|"fatal") (default "info")
--server string The trust server used (default "https://notary.docker.io")
-t, --timeout string Timeout for the trust server (default "5s")
--tlscacert string Trust certs signed only by this CA
failed to do request: Head http://localhost:5000/v2/cnab/helloworld/blobs/sha256:58e6f39290459b6563b348052b2a1a8cf2a44fac19a80ae0da36c82a32f151f8: net/http: HTTP/1.x transport connection broken: malformed HTTP response "\x15\x03\x01\x00\x02\x02"
signy --tlscacert=/Users/trishank.kuppusamy/go/src/github.com/theupdateframework/notary/cmd/notary/root-ca.crt --server=https://localhost:4443 --log=debug sign testdata/cnab/bundle.json localhost:5000/cnab/helloworld:0.1.1
DEBU[0000] Fixing up bundle localhost:5000/cnab/helloworld:0.1.1
DEBU[0000] Updating entry in relocation map for "cnab/helloworld:0.1.1"
INFO[0000] Starting to copy image cnab/helloworld:0.1.1
INFO[0001] Completed image cnab/helloworld:0.1.1 copy
DEBU[0001] Bundle fixed
INFO[0001] Generated relocation map: relocation.ImageRelocationMap{"cnab/helloworld:0.1.1":"localhost:5000/cnab/helloworld@sha256:a59a4e74d9cc89e4e75dfb2cc7ea5c108e4236ba6231b53081a9e2506d1197b6"}
DEBU[0001] Pushing CNAB Bundle localhost:5000/cnab/helloworld:0.1.1
DEBU[0001] Pushing CNAB Bundle Config
DEBU[0001] Trying to push CNAB Bundle Config
DEBU[0001] CNAB Bundle Config Descriptor
DEBU[0001] {
"mediaType": "application/vnd.cnab.config.v1+json",
"digest": "sha256:c7e92bd51f059d60b15ad456edf194648997d739f60799b37e08edafd88a81b5",
"size": 501
}
DEBU[0001] Trying to push CNAB Bundle Config Manifest
DEBU[0001] CNAB Bundle Config Manifest Descriptor
DEBU[0001] {
"mediaType": "application/vnd.oci.image.manifest.v1+json",
"digest": "sha256:c88087935c91817e3421c41794ace533f597428d4a9617bf7a6de5bc4200d8da",
"size": 188
}
DEBU[0001] CNAB Bundle Config pushed
DEBU[0001] Pushing CNAB Index
DEBU[0001] Trying to push OCI Index
DEBU[0001] {"schemaVersion":2,"manifests":[{"mediaType":"application/vnd.oci.image.manifest.v1+json","digest":"sha256:c88087935c91817e3421c41794ace533f597428d4a9617bf7a6de5bc4200d8da","size":188,"annotations":{"io.cnab.manifest.type":"config"}},{"mediaType":"application/vnd.docker.distribution.manifest.v2+json","digest":"sha256:a59a4e74d9cc89e4e75dfb2cc7ea5c108e4236ba6231b53081a9e2506d1197b6","size":942,"annotations":{"io.cnab.manifest.type":"invocation"}}],"annotations":{"io.cnab.keywords":"[\"helloworld\",\"cnab\",\"tutorial\"]","io.cnab.runtime_version":"v1.0.0-WD","org.opencontainers.artifactType":"application/vnd.cnab.manifest.v1","org.opencontainers.image.authors":"[{\"name\":\"Jane Doe\",\"email\":\"[email protected]\",\"url\":\"https://example.com\"}]","org.opencontainers.image.description":"A short description of your bundle","org.opencontainers.image.title":"helloworld","org.opencontainers.image.version":"0.1.1"}}
DEBU[0001] OCI Index Descriptor
DEBU[0001] {
"mediaType": "application/vnd.oci.image.index.v1+json",
"digest": "sha256:b4936e42304c184bafc9b06dde9ea1f979129e09a021a8f40abc07f736de9268",
"size": 929
}
DEBU[0001] CNAB Index pushed
DEBU[0001] CNAB Bundle pushed
INFO[0001] Pushed successfully, with digest "sha256:b4936e42304c184bafc9b06dde9ea1f979129e09a021a8f40abc07f736de9268"
DEBU[0001] cannot get default credentials: authentication not found for trust server https://localhost:4443
DEBU[0001] Making dir path: /Users/trishank.kuppusamy/.signy/tuf/localhost/changelist
DEBU[0001] entered ValidateRoot with dns: localhost
DEBU[0001] found the following root keys: [f01c4109378763e9908eeed725c691586aa7c1b735c312989f64270f7925a9b9]
DEBU[0001] found 1 valid leaf certificates for localhost: f01c4109378763e9908eeed725c691586aa7c1b735c312989f64270f7925a9b9
DEBU[0001] found 1 leaf certs, of which 1 are valid leaf certs for localhost
DEBU[0001] checking root against trust_pinning config for localhost
DEBU[0001] checking trust-pinning for cert: f01c4109378763e9908eeed725c691586aa7c1b735c312989f64270f7925a9b9
DEBU[0001] role has key IDs: f01c4109378763e9908eeed725c691586aa7c1b735c312989f64270f7925a9b9
DEBU[0001] verifying signature for key ID: f01c4109378763e9908eeed725c691586aa7c1b735c312989f64270f7925a9b9
DEBU[0001] root validation succeeded for localhost
DEBU[0001] entered ValidateRoot with dns: localhost
DEBU[0001] found the following root keys: [f01c4109378763e9908eeed725c691586aa7c1b735c312989f64270f7925a9b9]
DEBU[0001] found 1 valid leaf certificates for localhost: f01c4109378763e9908eeed725c691586aa7c1b735c312989f64270f7925a9b9
DEBU[0001] found 1 leaf certs, of which 1 are valid leaf certs for localhost
DEBU[0001] checking root against trust_pinning config for localhost
DEBU[0001] checking trust-pinning for cert: f01c4109378763e9908eeed725c691586aa7c1b735c312989f64270f7925a9b9
DEBU[0001] role has key IDs: f01c4109378763e9908eeed725c691586aa7c1b735c312989f64270f7925a9b9
DEBU[0001] verifying signature for key ID: f01c4109378763e9908eeed725c691586aa7c1b735c312989f64270f7925a9b9
DEBU[0001] root validation succeeded for localhost
DEBU[0001] updating TUF client
DEBU[0001] Loading timestamp...
DEBU[0001] 200 when retrieving metadata for timestamp
DEBU[0001] timestamp role has key IDs: 919e5d9116881bfdfb2cc8d02f4836b2da7894c6c4bb65a0078333228aff945d
DEBU[0001] verifying signature for key ID: 919e5d9116881bfdfb2cc8d02f4836b2da7894c6c4bb65a0078333228aff945d
DEBU[0001] timestamp role has key IDs: 919e5d9116881bfdfb2cc8d02f4836b2da7894c6c4bb65a0078333228aff945d
DEBU[0001] verifying signature for key ID: 919e5d9116881bfdfb2cc8d02f4836b2da7894c6c4bb65a0078333228aff945d
DEBU[0001] successfully verified downloaded timestamp
DEBU[0001] Loading snapshot...
DEBU[0001] cached snapshot is invalid (must download): sha256 checksum for snapshot did not match: expected bf3b30295e102d65d567c2644980d748ebe8b1c8b1981c46edbabd547ac75512
DEBU[0001] 200 when retrieving metadata for snapshot.bf3b30295e102d65d567c2644980d748ebe8b1c8b1981c46edbabd547ac75512
DEBU[0001] snapshot role has key IDs: 83abf5bc3119245b26d6af7542f87a8c30e625d3cc62078123d517f2ad48fc80
DEBU[0001] verifying signature for key ID: 83abf5bc3119245b26d6af7542f87a8c30e625d3cc62078123d517f2ad48fc80
DEBU[0001] snapshot role has key IDs: 83abf5bc3119245b26d6af7542f87a8c30e625d3cc62078123d517f2ad48fc80
DEBU[0001] verifying signature for key ID: 83abf5bc3119245b26d6af7542f87a8c30e625d3cc62078123d517f2ad48fc80
DEBU[0001] successfully verified downloaded snapshot.bf3b30295e102d65d567c2644980d748ebe8b1c8b1981c46edbabd547ac75512
DEBU[0001] Loading targets...
DEBU[0001] targets role has key IDs: c3bfdf9b15f43aebe73ae2011c3b101176c448a69057e48867a2cfab0ec30c97
DEBU[0001] verifying signature for key ID: c3bfdf9b15f43aebe73ae2011c3b101176c448a69057e48867a2cfab0ec30c97
DEBU[0001] successfully verified cached targets
DEBU[0001] Adding target "5000/cnab/helloworld" with sha256 "c7e92bd51f059d60b15ad456edf194648997d739f60799b37e08edafd88a81b5" and size 501 bytes.
DEBU[0001] entered ValidateRoot with dns: localhost
DEBU[0001] found the following root keys: [f01c4109378763e9908eeed725c691586aa7c1b735c312989f64270f7925a9b9]
DEBU[0001] found 1 valid leaf certificates for localhost: f01c4109378763e9908eeed725c691586aa7c1b735c312989f64270f7925a9b9
DEBU[0001] found 1 leaf certs, of which 1 are valid leaf certs for localhost
DEBU[0001] checking root against trust_pinning config for localhost
DEBU[0001] checking trust-pinning for cert: f01c4109378763e9908eeed725c691586aa7c1b735c312989f64270f7925a9b9
DEBU[0001] role has key IDs: f01c4109378763e9908eeed725c691586aa7c1b735c312989f64270f7925a9b9
DEBU[0001] verifying signature for key ID: f01c4109378763e9908eeed725c691586aa7c1b735c312989f64270f7925a9b9
DEBU[0001] root validation succeeded for localhost
DEBU[0001] entered ValidateRoot with dns: localhost
DEBU[0001] found the following root keys: [f01c4109378763e9908eeed725c691586aa7c1b735c312989f64270f7925a9b9]
DEBU[0001] found 1 valid leaf certificates for localhost: f01c4109378763e9908eeed725c691586aa7c1b735c312989f64270f7925a9b9
DEBU[0001] found 1 leaf certs, of which 1 are valid leaf certs for localhost
DEBU[0001] checking root against trust_pinning config for localhost
DEBU[0001] checking trust-pinning for cert: f01c4109378763e9908eeed725c691586aa7c1b735c312989f64270f7925a9b9
DEBU[0001] role has key IDs: f01c4109378763e9908eeed725c691586aa7c1b735c312989f64270f7925a9b9
DEBU[0001] verifying signature for key ID: f01c4109378763e9908eeed725c691586aa7c1b735c312989f64270f7925a9b9
DEBU[0001] root validation succeeded for localhost
DEBU[0001] 200 when retrieving metadata for root
DEBU[0001] updating TUF client
DEBU[0001] Loading timestamp...
DEBU[0001] 200 when retrieving metadata for timestamp
DEBU[0001] timestamp role has key IDs: 919e5d9116881bfdfb2cc8d02f4836b2da7894c6c4bb65a0078333228aff945d
DEBU[0001] verifying signature for key ID: 919e5d9116881bfdfb2cc8d02f4836b2da7894c6c4bb65a0078333228aff945d
DEBU[0001] timestamp role has key IDs: 919e5d9116881bfdfb2cc8d02f4836b2da7894c6c4bb65a0078333228aff945d
DEBU[0001] verifying signature for key ID: 919e5d9116881bfdfb2cc8d02f4836b2da7894c6c4bb65a0078333228aff945d
DEBU[0001] successfully verified downloaded timestamp
DEBU[0001] Loading snapshot...
DEBU[0001] snapshot role has key IDs: 83abf5bc3119245b26d6af7542f87a8c30e625d3cc62078123d517f2ad48fc80
DEBU[0001] verifying signature for key ID: 83abf5bc3119245b26d6af7542f87a8c30e625d3cc62078123d517f2ad48fc80
DEBU[0001] successfully verified cached snapshot
DEBU[0001] Loading targets...
DEBU[0001] targets role has key IDs: c3bfdf9b15f43aebe73ae2011c3b101176c448a69057e48867a2cfab0ec30c97
DEBU[0001] verifying signature for key ID: c3bfdf9b15f43aebe73ae2011c3b101176c448a69057e48867a2cfab0ec30c97
DEBU[0001] successfully verified cached targets
DEBU[0001] changelist add: 5000/cnab/helloworld
Enter passphrase for targets key with ID c3bfdf9:
DEBU[0005] applied 1 change(s)
DEBU[0005] signing snapshot...
DEBU[0005] sign called with 1/1 required keys
Enter passphrase for snapshot key with ID 83abf5b:
DEBU[0006] sign called with 0/0 required keys
INFO[0006] Pushed trust data for localhost:5000/cnab/helloworld:0.1.1: c7e92bd51f059d60b15ad456edf194648997d739f60799b37e08edafd88a81b5
Most likely has to do with using self-signed TLS cert.
The text was updated successfully, but these errors were encountered:
Steps to reproduce:
Run scripts/stop.sh.
Run scripts/signy-start.sh.
Most likely has to do with using self-signed TLS cert.
The text was updated successfully, but these errors were encountered: