Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1102
Views
0
Helpful
1
Replies

IOx docker application package signing

smulye
Level 1
Level 1

‎07-23-2021 10:06 PM

Hello

I want to sign my docker application package that I am hosing on a Catalyst 9300. I am following the steps from this guide:

https://www.cisco.com/c/en/us/support/docs/cloud-systems-management/iox/212472-configure-iox-package-signature-validati.html

I have generated a trust anchor tarball but when I try to import it on my 9300 device using ioxclient tool, I get this error:

 #./ioxclient platform signedpackages trustanchor set trustanchorv1.tar.gz
Currently active profile :  default
Command Name:  plt-sign-pkg-ta-set
Cannot unmarshal response from server to JSON. Malformed response.
Error occurred :  Trust anchor management is not enabled on this platform.

How do I fix this issue? Am I missing any configuration to enable "Trust anchor management"?

Any help would be much appreciated. Thanks in advance. 

1 person had this problem
Labels:
0 Helpful
1 Reply 1

Alex Stevenson
Cisco Employee
Cisco Employee

‎08-09-2022 11:57 AM

I couldn't find a repeat of this issue on the Interwebs and it's not mentioned in the Docs.

Duplicate post of this discussion found in other relevant forum: 

https://community.cisco.com/t5/devnet-sandbox/application-package-signing-on-iox-catalyst-9000-sandbox/td-p/4438544

The issue might be this is being tried in a sandbox (VM) and Trust Anchor is rooted in hardware.

0 Helpful
Customers Also Viewed These Support Documents