Closed philwelz closed 9 months ago
@haydentherapper Any thoughts of what changed in v2.2.1 ?
@malancas any guesses if anything changed with the azure code?
The same problem?
Error: no matching signatures: unable to verify RFC3161 timestamp bundle: no TSA root certificate(s) provided to verify timestamp
main.go:69: error during command execution: no matching signatures: unable to verify RFC3161 timestamp bundle: no TSA root certificate(s) provided to verify timestamp
Not sure, but maybe this code broke us https://github.com/sigstore/cosign/compare/v2.2.0...v2.2.1#diff-8a85c8e688d61e16b8af8e09832ed2bef89c1163b0e9601a8363c782c387c006L651
@haydentherapper I'm only seeing minor and patch updates to the underlying Azure dependencies but I'll take a look at what changed and see if anything stands out.
@philwelz Are you still having this issue with the latest version of Cosign?
I am unable to replicate this, if this issue continues, feel free to reopen.
Description
Cosign 2.2.1 seems to have an issue with verify:
Howeber, running the same command with 2.2.0 works
Version