notation icon indicating copy to clipboard operation
notation copied to clipboard
verified publisher icon notaryproject

Support signing certificate and certificate chain in Configuration file

Open priteshbandi opened this issue 4 years ago • 2 comments

  • Along with signingKey(private key) we will need signing certificate and certificate chain as signing certificate and certchain will be embedded in signature envelope.
  • Also, how about using default name for default identity? Although this works better with INI format.
"signing-identites": [
  {
      "name": "default",
      "signing-certificate": "~/./notary/keys/wabbit-networks.crt",
      "signing-certificate-chain": ""~/./notary/keys/wabbit-networks-chain.crt",
      "private-key": "~/./notary/keys/wabbit-networks.key"
  },
  {
      "name": "import-acme-rockets",
      "signing-certificate": "~/./notary/keys/import-acme-rockets.crt",
      "signing-certificate-chain": ""~/./notary/keys/import-acme-rockets-chain.crt",
      "private-key": "~/./notary/keys/import-acme-rockets.key"
  }
]

Originally posted by @priteshbandi in https://github.com/notaryproject/notation/pull/76#discussion_r700565207

priteshbandi avatar Sep 10 '21 22:09 priteshbandi

@priteshbandi - what's the status of this being implemented?

dtzar avatar Jul 11 '22 17:07 dtzar

This capability is to allow signing with local keys and certificate (certificate chains).

iamsamirzon avatar Jul 15 '22 20:07 iamsamirzon

Tracking it in https://github.com/notaryproject/roadmap/issues/31

priteshbandi avatar Nov 23 '22 17:11 priteshbandi