cosign icon indicating copy to clipboard operation
cosign copied to clipboard
verified publisher icon sigstore

cosign doesn't use the right endpoint for Azure Key Vault on Azure Government

Open nicolaschaillan opened this issue 2 years ago • 2 comments

Description

When trying to sign using a keyvault and container registry on Azure Government, the cosign cli calls the wrong endpoint for token:

It calls:

https://login.microsoftonline.com/***/oauth2/token?api-version=1.0

Instead of: [https://login.microsoftonline.us/{tenant_id}/oauth2/token`

You would need to create a new parameter in the CLI for Azure Government so that the right endpoint would then be called.

Version

All

nicolaschaillan avatar Jun 28 '23 02:06 nicolaschaillan

Thanks for filing this issue and https://github.com/sigstore/cosign/issues/3094. I'm looking into the root cause of these issues now

malancas avatar Jun 28 '23 19:06 malancas

The newest version of Cosign include a fix that should resolve this issue. But please let me know if you are still encountering the issue with the new version of Cosign.

malancas avatar Sep 05 '23 16:09 malancas