Verify Index Signature

JFrog Artifactory Documentation
Products
JFrog Artifactory
Content Type
User Guide

To use RSA keys, you must add the keys into your /etc/apk/keys folder to verify the index signature.

To verify the index signature:

Run this command:

wget -O /etc/apk/keys/rsa_tst.rsa.pub https://<USERNAME>:<AUTH_TOKEN>@[JFrogPlatformURL]/artifactory/api/security/keypair/public/repositories/<REPO_NAME>

Where:

  • <USERNAME>: Your Artifactory username

  • <AUTH_TOKEN>: Your Artifactory identity token

  • [JFrogPlatformURL]: The base URL of your JPD

  • <REPO_NAME>: The name of the Alpine repository in Artifactory

For example:

wget -O /etc/apk/keys/rsa_tst.rsa.pub https://jeffry:AKCp89XxY7wLPqL6vK3Dds7Hgjd981n0@company.jfrog.io/artifactory/api/security/keypair/public/repositories/alpine-local

Note

You can also use JFrog Set me up to copy the snippet populated with your token and environment. For more information, see Use Artifactory Set Me Up for Configuring Package Manager Clients.

Next steps: