How to fix Docker “missing signature key” client error

Shai Ben-Zvi
2019-04-14 11:17

Subject 

How to fix Docker "missing signature key" client error 

Description

During 'docker pull' request, you may encounter the "missing signature key" error from the Docker client.
According to our previous experience, this error happens when one or more properties of the manifest.json file are missing or may be wrong.

Resolution

Since the issue can be caused due to replication wasn't finished correctly, the simplest way to fix it is to re-push or re-replicate the image.
If this is not possible, you may manually add the missing properties of the manifest.json.

The relevant properties for the manifest.json are as follows:

docker.manifest
docker.manifest.digest
docker.manifest.type
docker.repoName
sha256

The values should be set as follow:
The docker.manifest value is the name of the tag/docker-folder in Artifactory, for example:

User-added image

The docker.manifest.digest value is using the following format: "sha256:<sha256 value of the manifest.json>" – this can be taken from the general tab of the manifest.json 'Checksums' section:

User-added image
The docker.manifest.type value is the manifest type which in most cases is "application/vnd.docker.distribution.manifest.v2+json".
The docker.repoName value is the name of the image/folder (which represents the image in Artifactory), for example:

User-added image

The sha256 is also the SHA-256 of the manifest.json file.