Unable to use TSA to verify certificate #1421
Description
Summary
During signing and verifying using this signing config (Shortened)
"signingConfig": {
"mediaType": "application/vnd.dev.sigstore.signingconfig.v0.2+json",
"caUrls": [
{
"url": "https://fulcio.sigstore.dev",
}
],
"oidcUrls": [
{
"url": "https://oauth2.sigstore.dev/auth",
}
],
"rekorTlogUrls": [
{
"url": "https://rekor.sigstore.dev",
}
],
"tsaUrls": [
{
"url": "https://timestamp.sigstore.dev/api/v1/timestamp",
}
],
}
I receive an error:
rfc3161_client.errors.VerificationError: Error while verifying certificates: Unable to verify certificate
ERROR FAIL: testing.txt
ERROR not enough timestamps validated to meet the validation threshold (0/1)
Raising original exception:
ERROR not enough timestamps validated to meet the validation threshold (0/1)
Not sure why this is happening, wondering if this is a bug or if I am doing something wrong. If I make the URI improper for TSA, whatever it defaults to ends up signing and verifying correctly,