Sign and download trusted images

2 minute read

Once you have images in your repository, you can sign them to let’s other know the image has passed a verification procedure.


  • Docker to sign container images in your registry
  • Connectivity to the registry (including credentials)
  • Connectivity to the notary server (including credentials)
  • An already existing container image in the repository (and locally)


Make sure you know the Harbor external hostname, username and password along with the notary external hostname.

Let’s assume these values in this example:

  • Harbor Hostname:
  • Notary Hostname:
  • Username: admin
  • Password: Harbor12345

Then log in to the registry:

$ docker login -u admin -pHarbor12345
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
Login Succeeded

Export the following environment variable to let us Docker know that has to verify signatures against a notary server.

  • DOCKER_CONTENT_TRUST: Enables/Disables signatures verification.
  • DOCKER_CONTENT_TRUST_SERVER: Indicates what is the verification server.

Try to download the previously pushed ubuntu:16.04 image:

$ docker pull
Error: remote trust data does not exist for does not have trust data for

You can not update it because it does not have any signature. You can check it in the UI:

ubuntu not signed

Let’s sign it:

$ docker push
The push refers to repository []
64d2e4aaa54c: Layer already exists
0d3833376c2f: Layer already exists
4a048ea09024: Layer already exists
b592b5433bbf: Layer already exists
16.04: digest: sha256:a4fc0c40360ff2224db3a483e5d80e9164fe3fdce2a8439d2686270643974632 size: 1150
Signing and pushing trust metadata
Enter passphrase for root key with ID 219e1af:
Enter passphrase for new repository key with ID 2942d87:
Repeat passphrase for new repository key with ID 2942d87:
Finished initializing ""
Successfully signed

As you can see, now docker requires us to specify a couple of passwords:

  • root key. Required because is the first image we are signing in the entire registry
  • repository key. Required because 16.04 tag in the ubuntu repository is the first tag signed for the ubuntu image.

If you want to learn more about how the keys works, read the official documentation site

Now you can verify the container image is now signed in the UI:


Try to download the image again:

$ docker pull
Pull (1 of 1):
sha256:a4fc0c40360ff2224db3a483e5d80e9164fe3fdce2a8439d2686270643974632: Pulling from library/ubuntu
Digest: sha256:a4fc0c40360ff2224db3a483e5d80e9164fe3fdce2a8439d2686270643974632
Status: Image is up to date for
Tagging as

Now docker pull command works as expected!

Feel free to continue to the clair section to discover vulnerabilities in the image.