During a Docker pull request, the Docker client may return a missing signature key error. This might occur when one or more properties of the manifest.json file are missing or incorrect.
As this issue can be caused by a replication that didn't finish correctly in Artifactory, the simplest resolution of this problem is to re-push or re-replicate the troublesome image. If this isn’t possible, you can manually add the missing properties of the manifest.json.
The relevant properties for the manifest.json are:
docker.manifest docker.manifest.digest docker.manifest.type docker.repoName sha256
The values for these should be set such that the docker.manifest value is the name of the tag/docker-folder in Artifactory.
For example:
The docker.manifest.digest value should adhere to the following format: sha256:<sha256 value of the manifest.json>. This can be taken from the Checksums section under the General tab of the manifest.json:
The docker.manifest.type value is the manifest type which, in most cases, will be:
application/vnd.docker.distribution.manifest.v2+json
The docker.repoName value is the name of the image/folder (which represents the image in Artifactory). For example:
The sha256 is also the SHA-256 of the manifest.json file.
Published: Feb. 3, 2020
Last updated: May. 30, 2021
Keywords: docker