Signed images in a private Docker registry

Dear All,

I would like to create a private Docker registry, and at the same time I would like to sign the images stored in there, and use Docker capability of checking the signature at container creation time.

I would like to ask, is this “signed image” option available for a private Docker registry? If yes, could you please help in finding a description about how to sign images for a private Docker registry?

Thank you!

Best regards,
Laszlo Janosi

1 Like

Hello Laszlo,

signed images is something that will be implemented in the next generation registry - right now, its essentially a tech preview for official images only.

As I understand it, we’re working towards a release next year - though there are related proposals and pull requests on the docker repository that are starting to build up the base functionality.

Sven

Hi Sven,

Thank you for the fast answer! I understand the situation.

Br,

Laszlo

Sven,
Since now it’s next year now from when you posted this response has the ability to sign images in a private registry been done? Or do you have a time frame,release? For my work I have to have a private registry and it can not have internet access. It need to be totally air gaped from any other network. This is a key feature for me as we are looking at docker as a means by which to increase application security and signing images would be a basic requirement since it’s basically mobile code.

v/r,
Frank