Fixed
Details
Assignee
Lluis CamposLluis CamposReporter
Mirza KrakMirza KrakLabels
Priority
(None)Days in progress
0Fix versions
Sprint
NoneBacklog
yes
Details
Details
Assignee
Lluis Campos
Lluis CamposReporter
Mirza Krak
Mirza KrakLabels
Priority
(None)Days in progress
0
Fix versions
Sprint
None
Backlog
yes
Zendesk Support
Zendesk Support
Zendesk Support
Checklist
Checklist
Checklist
Created September 24, 2019 at 8:27 AM
Updated June 29, 2020 at 6:32 PM
Resolved October 2, 2019 at 8:33 AM
The "mender-artifact validate" command returns success even though the Artifact is signed and it does not seem to check the signature.
My expectation was for it to fail unless I pass the "-k" option if the Artifact is signed. If the command is working as intended we should update the description what is validated when.
mender-artifact validate my-container-update-1.0-signed.mender Artifact file 'my-container-update-1.0-signed.mender' validated successfully $ mender-artifact read my-container-update-1.0-signed.mender Mender artifact: Name: my-container-update-1.0 Format: mender Version: 3 Signature: signed; verification using provided key failed Compatible devices: '[my-device-type]' Provides group: Depends on one of artifact(s): [] Depends on one of group(s): [] State scripts: Updates: 0: Type: docker Provides: Nothing Depends: Nothing Metadata: { "containers": [ "debian@sha256:e25b64a9cf82c72080074d6b1bba7329cdd752d51574971fd37731ed164f3345" ] }