Authenticating an asset means checking if the asset is present in the ledger in Trustcenter. If the asset is present, the command returns the status of the asset.
- if the status is
trusted, the exit code of the command is 0 - if the status is
untrusted, the exit code of the command is 1 - if the status is
unsupported, the exit code of the command is 3
If the asset is not present, the command returns an error message (with exit code 2).
The basic syntax is as follows:
$ vcn authenticate <asset>
You can use short form of the command:$ vcn a instead of vcn authenticate
You can authenticate different types of objects:
$ vcn authenticate <file>
$ vcn authenticate dir://<directory>
$ vcn authenticate image://<imageId> (eg. vcn a image://open-liberty:latest)
$ vcn authenticate docker://<imageId> (deprecated, please use image)
$ vcn authenticate podman://<imageId>
$ vcn authenticate git://<path_to_git_repo>
$ vcn authenticate --hash <hash>
Authenticate assets based on a signerID:
$ vcn authenticate --signerID identityname image://hello-world
More information on notarization with SBOM is in the SBOM chapter.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article