cloudflare / cfssl

CFSSL: Cloudflare's PKI and TLS toolkit
https://cfssl.org/
BSD 2-Clause "Simplified" License

endpoint 'sign' is disabled #1096

Closed Roydon closed 4 years ago

Roydon commented 4 years ago

I am getting endpoint 'sign' is disabled: {"code":5200,"message":"Invalid or unknown policy"} in the CFSSL logs.

I followed tutorial part 1 & part 2 for setting up CFSSL using v1.4.1

Dockerfile :

FROM golang:1.13.3@sha256:6a693fbaba7dd8d816f6afce049fb92b280c588e0a677c4c8db26645e613fc15

COPY ./cfssl /cfssl

WORKDIR /cfssl

RUN git clone https://github.com/cloudflare/cfssl_trust.git /etc/cfssl && \
    make clean && \
    make bin/rice && ./bin/rice embed-go -i=./cli/serve && \
    make all && cp bin/* /usr/bin/

EXPOSE 8888 8889

ENTRYPOINT ["cfssl"]
CMD ["serve", "-db-config=/config/db-connect.json", "-ca=/cert/server.pem", "-ca-key=/cert/server-key.pem", "-config=/config/config.json", "-responder=/cert/ocsp.pem", "-responder-key=/cert/ocsp-key.pem", "-address=0.0.0.0"]

config.json :

    {
      "signing": {
        "default": {
          "auth_key": "key1",
          "ocsp_url": "http://localhost:8889",
          "crl_url": "http://localhost:8888/crl",
          "expiry": "26280h"
        },
        "profiles": {
          "intermediate": {
            "auth_key": "key1",
            "expiry": "43800h",
            "usages": [
              "signing",
              "key encipherment",
              "cert sign",
              "crl sign"
            ],
            "ca_constraint": {
              "is_ca": true,
              "max_path_len": 1
            }
          },
          "ocsp": {
            "auth_key": "key1",
            "usages": [
              "digital signature",
              "ocsp signing"
            ],
            "expiry": "26280h"
          },
          "CA": {
            "auth_key": "key1",
            "expiry": "43800h",
            "usages": [
              "signing",
              "key encipherment",
              "server auth",
              "cert sign",
              "crl sign"
            ]
          },
          "server": {
            "auth_key": "key1",
            "expiry": "43800h",
            "usages": [
              "signing",
              "key encipherment",
              "server auth"
            ]
          },
          "client": {
            "auth_key": "key1",
            "expiry": "43800h",
            "usages": [
              "signing",
              "key encipherment",
              "client auth",
              "email protection"
            ]
          }
        }
      },
      "auth_keys": {
        "key1": {
          "key": "3e6cb001c374c886fe61a276ecbb72ff",
          "type": "standard"
        }
      }
    }

This is what I see in the log file

2020/04/14 19:23:25 [INFO] Initializing signer
2020/04/14 19:23:25 [INFO] endpoint '/api/v1/cfssl/scan' is enabled
2020/04/14 19:23:25 [INFO] endpoint '/api/v1/cfssl/ocspsign' is enabled
2020/04/14 19:23:25 [INFO] setting up key / CSR generator
2020/04/14 19:23:25 [INFO] endpoint '/api/v1/cfssl/newkey' is enabled
2020/04/14 19:23:25 [INFO] endpoint '/api/v1/cfssl/init_ca' is enabled
2020/04/14 19:23:25 [INFO] endpoint '/api/v1/cfssl/revoke' is enabled
2020/04/14 19:23:25 [INFO] endpoint '/api/v1/cfssl/health' is enabled
2020/04/14 19:23:25 [INFO] bundler API ready
2020/04/14 19:23:25 [INFO] endpoint '/api/v1/cfssl/bundle' is enabled
2020/04/14 19:23:25 [INFO] endpoint '/api/v1/cfssl/certinfo' is enabled
2020/04/14 19:23:25 [INFO] endpoint '/api/v1/cfssl/crl' is enabled
2020/04/14 19:23:25 [INFO] endpoint '/api/v1/cfssl/newcert' is enabled
2020/04/14 19:23:25 [WARNING] endpoint 'sign' is disabled: {"code":5200,"message":"Invalid or unknown policy"}
2020/04/14 19:23:25 [INFO] endpoint '/api/v1/cfssl/authsign' is enabled
2020/04/14 19:23:25 [INFO] endpoint '/api/v1/cfssl/scaninfo' is enabled
2020/04/14 19:23:25 [INFO] endpoint '/' is enabled
2020/04/14 19:23:25 [INFO] endpoint '/api/v1/cfssl/info' is enabled
2020/04/14 19:23:25 [INFO] endpoint '/api/v1/cfssl/gencrl' is enabled
2020/04/14 19:23:25 [INFO] Handler set up complete.
2020/04/14 19:23:25 [INFO] Now listening on 0.0.0.0:8888
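The warning in the log above is the outcome this config asks for rather than a fault: the default profile and all five named profiles reference auth_key "key1", so there is no profile that the unauthenticated /api/v1/cfssl/sign handler is allowed to serve, it refuses to register with code 5200, and the very next line shows /api/v1/cfssl/authsign enabled in its place. The Go program below is an added example, not cfssl's own code and not from the issue. It restates the gating rule over a trimmed copy of the config and then shows what a client has to send to /authsign instead: the "standard" provider's HMAC-SHA256 token over the raw sign request, keyed with the hex-decoded auth key, plus the server-side check. The rule in SignEnabled is my reading of what serve does at startup; Token assumes the provider was created with no additional data, which is how serve builds it from auth_keys; the CSR text and issueConfig constant are constructed inputs.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"fmt"
)

// Policy keeps the parts of a cfssl config.json that decide the /sign gating.
type Policy struct {
	Signing struct {
		Default  struct{ AuthKey string `json:"auth_key"` }            `json:"default"`
		Profiles map[string]struct{ AuthKey string `json:"auth_key"` } `json:"profiles"`
	} `json:"signing"`
	AuthKeys map[string]struct{ Key string `json:"key"` } `json:"auth_keys"`
}

func LoadPolicy(raw string) (p Policy, err error) {
	err = json.Unmarshal([]byte(raw), &p)
	return
}

// SignEnabled restates (my reading, not cfssl's own code) the rule serve applies
// at startup: /sign only serves profiles with no auth provider, so it is disabled
// (code 5200) when default and every named profile carry an auth_key; /authsign stays.
func SignEnabled(p Policy) bool {
	if p.Signing.Default.AuthKey == "" {
		return true
	}
	for _, prof := range p.Signing.Profiles {
		if prof.AuthKey == "" {
			return true
		}
	}
	return false
}

// AuthenticatedRequest is the /authsign body; encoding/json base64-encodes both fields.
type AuthenticatedRequest struct {
	Token   []byte `json:"token"`
	Request []byte `json:"request"`
}

// Token is HMAC-SHA256 over the raw inner request with the hex-decoded auth key
// (assumed: "standard" provider with no additional data, as serve builds it).
func Token(hexKey string, request []byte) ([]byte, error) {
	key, err := hex.DecodeString(hexKey)
	if err != nil {
		return nil, fmt.Errorf("auth key must be hex: %w", err)
	}
	mac := hmac.New(sha256.New, key)
	mac.Write(request)
	return mac.Sum(nil), nil
}

// BuildAuthSign wraps a sign request (PEM CSR plus profile) into the body a client POSTs to /authsign.
func BuildAuthSign(hexKey, profile, csrPEM string) ([]byte, error) {
	inner, _ := json.Marshal(map[string]string{"certificate_request": csrPEM, "profile": profile})
	tok, err := Token(hexKey, inner)
	if err != nil {
		return nil, err
	}
	return json.Marshal(AuthenticatedRequest{Token: tok, Request: inner})
}

// Verify is the server side: recompute the token over Request, compare in
// constant time, and hand back the inner request that would then be signed.
func Verify(hexKey string, body []byte) ([]byte, error) {
	var ad AuthenticatedRequest
	if err := json.Unmarshal(body, &ad); err != nil {
		return nil, err
	}
	want, err := Token(hexKey, ad.Request)
	if err != nil {
		return nil, err
	}
	if !hmac.Equal(want, ad.Token) {
		return nil, fmt.Errorf("authsign: invalid token")
	}
	return ad.Request, nil
}

// issueConfig is a constructed, trimmed copy of the config.json above: default and all five profiles use "key1".
const issueConfig = `{"signing": {"default": {"auth_key": "key1"},
  "profiles": {"intermediate": {"auth_key": "key1"}, "ocsp": {"auth_key": "key1"}, "CA": {"auth_key": "key1"},
    "server": {"auth_key": "key1"}, "client": {"auth_key": "key1"}}},
  "auth_keys": {"key1": {"key": "3e6cb001c374c886fe61a276ecbb72ff", "type": "standard"}}}`

func main() {
	p, err := LoadPolicy(issueConfig)
	if err != nil {
		panic(err)
	}
	fmt.Println("/sign enabled with the issue's config:", SignEnabled(p))
	body, _ := BuildAuthSign(p.AuthKeys["key1"].Key, "server", "-----BEGIN CERTIFICATE REQUEST-----\n...\n-----END CERTIFICATE REQUEST-----\n")
	_, err = Verify(p.AuthKeys["key1"].Key, body)
	fmt.Println("/authsign token verifies:", err == nil)
}
```

Both outcomes are legitimate choices. Keeping every profile behind an auth_key means only a caller holding key1 can obtain a certificate, and clients then use /authsign (the cfssl CLI does this itself when its client config names a remote and an auth_key). Dropping auth_key from one profile re-enables /sign, but anyone who can reach port 8888 can then get certificates from that profile, so that profile's usages and expiry deserve a second look. Separately, an auth key pasted into a public issue, like the value above, has to be treated as disclosed and rotated.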

razvan420 commented 2 years ago

How did you manage to resolve this?