An administrator should perform the following procedures before you begin uploading evidence to Artifactory:
Create a Key Pair for Evidence
Artifactory supports the following key types for signing and verifying evidence: RSA, EC, and ED25519.
The commands for each key type are described in the sections that follow.
Create an RSA Key Pair
To create an RSA key pair for signing and verifying evidence, issue the following commands on your computer:
openssl genrsa -out private.pem 2048
openssl rsa -in private.pem -pubout -out public.pem
Create an EC Key Pair
To create an EC key pair for signing and verifying evidence, issue the following commands on your computer:
openssl ecparam -name secp256r1 -genkey -noout -out private.pem
openssl ec -in private.pem -pubout > public.pem
Create an ED25519 Key Pair
To create an ED25519 key pair for signing and verifying evidence, issue the following commands on your computer:
openssl genpkey -algorithm ed25519 -out private.pem
openssl pkey -in private.pem -pubout -out public.pem
Important
It is recommended to use a command line-based copy command, such as pbcopy, to copy the private key into Artifactory instead of cutting-and-pasting from the terminal UI, which can add stray special characters to the key.
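The following script is an added example, not part of the JFrog documentation: it checks that a key file contains no stray characters of the kind the note above warns about, and that public.pem really is the public half of private.pem, before the public key is uploaded. The function names are hypothetical; the file names and the EC commands in the demo are the ones used on this page.

```shell
#!/bin/sh
# Added example: pre-upload checks for an evidence key pair.
# Function names are hypothetical; file names follow the page.

# pem_is_clean FILE: succeed only if FILE is non-empty and holds nothing but
# printable ASCII and line feeds (no CR, tabs, or other paste debris).
pem_is_clean() {
    [ -s "$1" ] || return 1
    if LC_ALL=C grep -q '[^[:print:]]' "$1"; then
        return 1
    fi
    return 0
}

# keys_match PRIVATE PUBLIC: succeed only if PUBLIC is the public half of
# PRIVATE. Both are re-encoded by openssl so the comparison is canonical.
keys_match() {
    derived=$(openssl pkey -in "$1" -pubout 2>/dev/null) || return 1
    given=$(openssl pkey -pubin -in "$2" -pubout 2>/dev/null) || return 1
    [ -n "$derived" ] && [ "$derived" = "$given" ]
}

# check_keypair PRIVATE PUBLIC: run both checks and report the first failure.
check_keypair() {
    pem_is_clean "$1" || { echo "stray characters in $1" >&2; return 1; }
    pem_is_clean "$2" || { echo "stray characters in $2" >&2; return 1; }
    keys_match "$1" "$2" || { echo "$2 does not belong to $1" >&2; return 1; }
    echo "key pair OK"
}

# Demo in a throwaway directory, using the page's EC commands.
demo() {
    dir=$(mktemp -d) || return 1
    openssl ecparam -name secp256r1 -genkey -noout -out "$dir/private.pem" 2>/dev/null
    openssl ec -in "$dir/private.pem" -pubout -out "$dir/public.pem" 2>/dev/null
    rc=0
    check_keypair "$dir/private.pem" "$dir/public.pem" || rc=1
    rm -rf "$dir"
    return $rc
}

demo
```

The key comparison works for all three key types because it goes through `openssl pkey`. The character check is stricter than openssl's own parser, so it can flag a file that still loads locally.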
Upload the Public Key to Artifactory
After creating the key pair, it is recommended that the administrator upload the public key to Artifactory so that it can be used to verify the evidence on the server. The public key can be uploaded using the platform UI or an API.
Upload the Public Key using the Platform UI
For step-by-step instructions, see Manage Public Keys.
Upload the Public Key using the REST API
For step-by-step instructions, see Set Distribution Public GPG Key.