I have little idea in security aspects in and outside docker world. As the document states, I tried the below command
docker trust key generate jeff
Whenever I run this command first time it will automatically generate a root key. Isn't it possible to generate a root key based on my own existing pem file? I have checked docker and notary client/ server etc there is no information regarding this. I hope this is a valid question.
Yes we can do that
Reference Link:https://docs.docker.com/engine/reference/commandline/trust_key_load/#:~:text=docker%20trust%20key%20load%20adds%20private%20keys%20to,this%20command%2C%20refer%20to%20the%20examples%20section%20below.
Below are the steps to load existing pem file (ie private key) .It works only in windows VM Image.(Not Ubuntu Image)
set DOCKER_CONTENT_TRUST=1
docker trust key load privatekey.pem --name username
Enter passphrase :
docker trust signer add --key publickey.pem username dockerimageregistry.azurecr.io/hello-world:signed