I am trying to set up docker so that it works with a modified version of notary, that pulls the private keys from my HSM.

For this I am using this fork of notary: https://github.com/gemalto/notary

The notary command is working, I can sign files without a problem and the private keys are stored in my HSM. I can't seem to make docker use my modified notary though. Is there a way to, for example, change some bin files or modify a config file to get my desired effect?

What I am trying to do is to modify the command docker trust sign such that it uses my modified notary and pulls the root-key from the HSM.

1 Answer

It looks like you need to build Docker CLI with https://github.com/gemalto/notary:

When you run a docker pull command, Docker Engine is using an integrated Notary library (the same one as Notary CLI)

Taken from https://docs.docker.com/notary/getting_started/

Saar peer