How do I manage public/private key pairs?

Commands

Use the following commands as needed to retrieve key information and to manage custom keys.

Keys owned by Nokia cannot be managed.

Viewing and saving key details

If a public key contains an invalid author name such as Nokia, the metadata includes the following line: cam.additionalInfo: value of author is not valid. If this line is present, a signature using this key is not valid.

Revoking a key

Only one public key can be in use per author. If a private key has been compromised and a new key pair is required, the old key must be revoked before the new key can be created and installed.

To revoke a key:

kubectl -n namespace delete secrets name ↵

where namespace and name are the namespace and the name of the public key, as displayed by the list command.

If a key has been revoked and replaced, all artifact bundles that were signed with the old key must be signed again. Artifact bundles that are already installed are not affected.
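
The revocation step above, wrapped with a pre-check, a saved record of the old public key, and a post-check, as an added example that is not part of the original documentation. The function name revoke_key and the record file name are assumptions; the only commands used are the standard kubectl get and delete on the secret that holds the public key.

```shell
#!/bin/sh
# Added example (not from the product documentation).
# Usage: revoke_key <namespace> <name> [record-dir]
# <namespace> and <name> are the values shown for the public key by the list command.
revoke_key() {
    ns=$1; name=$2; dir=${3:-.}
    if [ -z "$ns" ] || [ -z "$name" ]; then
        echo "usage: revoke_key <namespace> <name> [record-dir]" >&2
        return 2
    fi
    # Stop early if the secret is not there (typo or wrong namespace).
    if ! kubectl -n "$ns" get secret "$name" >/dev/null 2>&1; then
        echo "secret $ns/$name not found; nothing revoked" >&2
        return 1
    fi
    # Keep a copy of the public key object for the change record
    # (file name is an assumption of this example).
    record="$dir/revoked-$ns-$name.yaml"
    if ! kubectl -n "$ns" get secret "$name" -o yaml >"$record"; then
        echo "could not save $record; nothing revoked" >&2
        return 1
    fi
    kubectl -n "$ns" delete secret "$name" || return 1
    # The old key must be gone before the replacement is created and installed.
    if kubectl -n "$ns" get secret "$name" >/dev/null 2>&1; then
        echo "secret $ns/$name still present after delete" >&2
        return 1
    fi
    echo "revoked $ns/$name; record saved to $record"
}

# Run directly when a namespace and a name are given on the command line.
if [ "$#" -ge 2 ]; then
    revoke_key "$@"
fi
```

The saved record identifies the revoked key, which helps when working out which artifact bundles must be signed again.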