policy-controller icon indicating copy to clipboard operation
policy-controller copied to clipboard
verified publisher icon sigstore

Getting x509: certificate signed by unknown authority Error after applying ClusterImagePolicy

Open senanz opened this issue 1 year ago • 0 comments

I have installed policy-controller pod and it's running and in ready status: image Then created TrustRoot and CIP successfully: image The issue when i trying to run kubectl get CIP I'm getting this error: Error from server: conversion webhook for policy.sigstore.dev/v1alpha1, Kind=ClusterImagePolicy failed: Post "https://webhook.ncms.svc:443/?timeout=30s": x509: certificate signed by unknown authority

image_policy.yaml: apiVersion: policy.sigstore.dev/v1alpha1 kind: ClusterImagePolicy metadata: name: demo2 spec: images:

  • glob: "my-registry:5000/**" authorities:
  • name : keyless keyless: trustRootRef: my-sigstore-keys2 url: https://fulcio.mysigstore.dev insecureIgnoreSCT: true identities:
    • issuerRegExp: '.' subjectRegExp: '.'

Anyone face the same issue before?

senanz avatar Jan 31 '24 09:01 senanz