https://deploy-preview-3155--ornate-narwhal-088216.netlify.app/open-source/sigstore/fulcio/Recent content in Fulcio onHugo -- gohugo.ioen-USTue, 06 Oct 2020 08:49:15 +0000https://deploy-preview-3155--ornate-narwhal-088216.netlify.app/open-source/sigstore/fulcio/an-introduction-to-fulcio/Fri, 19 Aug 2022 08:49:31 +0000https://deploy-preview-3155--ornate-narwhal-088216.netlify.app/open-source/sigstore/fulcio/an-introduction-to-fulcio/An earlier version of this material was published in the Fulcio chapter of the Linux Foundation Sigstore course. Fulcio is a certificate authority that binds public keys to identities such as email addresses (such as a Google account) using OpenID Connect, essentially notarizing a short-lived key pair against a particular login. A certificate authority issues digital certificates that certify that a particular public key is owned by a particular entity. The certificate authority therefore serves as a trusted third party, helping parties that need to attest and verify identities.https://deploy-preview-3155--ornate-narwhal-088216.netlify.app/open-source/sigstore/fulcio/how-to-generate-a-fulcio-certificate/Fri, 19 Aug 2022 08:49:31 +0000https://deploy-preview-3155--ornate-narwhal-088216.netlify.app/open-source/sigstore/fulcio/how-to-generate-a-fulcio-certificate/An earlier version of this material was published in the Fulcio chapter of the Linux Foundation Sigstore course. In this tutorial, we are going to create and examine a Fulcio certificate to demonstrate how Fulcio can work in practice. To follow along, you will need Cosign installed on your local system. If you haven’t installed Cosign yet, you can follow the instructions described in How to Install Cosign, or you can follow one of the installation methods described in the official documentation.https://deploy-preview-3155--ornate-narwhal-088216.netlify.app/open-source/sigstore/fulcio/how-to-inspect-and-verify-fulcio-certificates/Fri, 19 Aug 2022 08:49:31 +0000https://deploy-preview-3155--ornate-narwhal-088216.netlify.app/open-source/sigstore/fulcio/how-to-inspect-and-verify-fulcio-certificates/An earlier version of this material was published in the Fulcio chapter of the Linux Foundation Sigstore course. To inspect a certificate generated by Fulcio, we will first decode it with the base64 command line tool, which is used for encoding and decoding binary to text. Base64 is widely used on the world wide web for binary-to-text encoding. You can check whether the tool is installed by checking whether base64 --help will run.