I am attempting to sign a docker image with Azure Container Registry. I am running into trouble with actually using the certificates. My truncated certificate, downloaded with private key, looks like this:
-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----
When I try to use it I run into a few errors that don’t make sense to me.
docker trust key load .\qa-wildcard-mccloudplatform.pem --name ralph.compton
key name “ralph.compton” must start with lowercase alphanumeric characters and can include “-” or “_” after the first character
docker trust key load .\qa-wildcard-mccloudplatform.pem --name ralph
Loading key from “.\qa-wildcard-mccloudplatform.pem”…
error importing key from .\qa-wildcard-mccloudplatform.pem: provided file .\qa-wildcard-mccloudplatform.pem is not a supported private key - to add a signer’s public key use docker trust signer add
I copied just the private portion, without the header and footer, into a file named qa-wildcard-mccloudplatform-private.pem and tried with the following line:
docker trust key load .\qa-wildcard-mccloudplatform-private.pem --name ralph
Loading key from “.\qa-wildcard-mccloudplatform-private.pem”…
error importing key from .\qa-wildcard-mccloudplatform-private.pem: provided file .\qa-wildcard-mccloudplatform-private.pem is not a supported private key - to add a signer’s public key use docker trust signer add
I think the problem is that I don’t know what a key is even supposed to look like. I have tried certificates in PFX and PEM format. None of them seem to work. The documentation assumes a lot of knowledge about this topic.
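An added example, not part of the original post and not Docker's code: a small Python check that lists the PEM blocks a file contains, so that armor with no body, a body with the header and footer removed, and a certificate plus key in one file can be told apart. The function name describe_pem and the sample inputs are constructed for illustration; the bodies are filler bytes, not key material, and the script makes no claim about which block types docker trust key load accepts.

```python
import base64
import re

# One PEM block: BEGIN/END armor lines with matching labels around a base64 body.
PEM_BLOCK = re.compile(
    r"-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.*?)-----END \1-----", re.DOTALL
)

def describe_pem(text):
    """Return one dict per PEM block: label, kind, encryption hint, DER size."""
    blocks = []
    for label, inner in PEM_BLOCK.findall(text):
        headers, b64_lines = {}, []
        for line in inner.splitlines():
            if ":" in line:  # legacy header line, e.g. "DEK-Info: ..."
                name, _, value = line.partition(":")
                headers[name.strip()] = value.strip()
            elif line.strip():
                b64_lines.append(line.strip())
        try:
            der = base64.b64decode("".join(b64_lines), validate=True)
        except ValueError:
            der = None  # body is not valid base64
        if label.endswith("PRIVATE KEY"):
            kind = "private key"
        elif label.endswith("PUBLIC KEY"):
            kind = "public key"
        elif label == "CERTIFICATE":
            kind = "certificate"
        else:
            kind = "other"
        encrypted = label == "ENCRYPTED PRIVATE KEY" or "DEK-Info" in headers
        blocks.append({"label": label, "kind": kind, "encrypted": encrypted,
                       "der_bytes": None if der is None else len(der)})
    return blocks

# Constructed sample inputs; FAKE is filler bytes, not real key material.
FAKE = base64.b64encode(b"constructed filler, not a key " * 4).decode()
TRUNCATED = "-----BEGIN RSA PRIVATE KEY-----\n-----END RSA PRIVATE KEY-----\n"
BODY_ONLY = FAKE + "\n"  # header and footer stripped: no PEM block remains
COMBINED = ("-----BEGIN CERTIFICATE-----\n" + FAKE + "\n-----END CERTIFICATE-----\n"
            "-----BEGIN RSA PRIVATE KEY-----\n" + FAKE + "\n-----END RSA PRIVATE KEY-----\n")

if __name__ == "__main__":
    for name, sample in [("truncated", TRUNCATED), ("body only", BODY_ONLY),
                         ("combined", COMBINED)]:
        print(name, describe_pem(sample))
```

A PFX file is binary PKCS#12 rather than PEM text, so this check reports no blocks for it.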