notaryproject
Use a self-signed certificate
What is not working as expected?
Currently, I am unable to use any of the providers offered in your utility. I can only use self-signed certificates and add them to signingkeys.json. However, I keep encountering different errors each time I try, such as:
Error: certificate-chain is invalid, certificate with subject "": extended key usage must not contain ServerAuth eku (mkcert/openssl tools)
Crypto/Rsa: verification error (certs from vault)
Could someone help me generate a certificate that will pass validation with this utility? Alternatively, if it's possible to increase the validity period of the generate-test certificate, that would also be helpful.
Thank you in advance!
What did you expect to happen?
Use self-signed certificates normally
How can we reproduce it?
Mkcert Openssl generate
Describe your environment
Zsh
What is the version of your Notation CLI or Notation Library?
notation version 0.10.0-alpha.3
Hi @justlucknb , where did you store the generated key and cert? Is there a key management system like HashiCorp Vault?
This issue is stale because it has been opened for 60 days with no activity. Remove stale label or comment. Otherwise, it will be closed in 30 days.
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}