I would like to create a private Docker registry, and at the same time I would like to sign the images stored in there, and use Docker's capability of checking the signature at container creation time.
I would like to ask, is this “signed image” option available for a private Docker registry? If yes, could you please help in finding a description about how to sign images for a private Docker registry?
Signed images is something that will be implemented in the next generation registry - right now, it's essentially a tech preview for official images only.
As I understand it, we’re working towards a release next year - though there are related proposals and pull requests on the docker repository that are starting to build up the base functionality.
Sven,
Since it’s now next year from when you posted this response, has the ability to sign images in a private registry been done? Or do you have a time frame, release? For my work I have to have a private registry and it cannot have internet access. It needs to be totally air gapped from any other network. This is a key feature for me as we are looking at Docker as a means by which to increase application security, and signing images would be a basic requirement since it’s basically mobile code.