Introduction to Docker Content Trust

Article ID: KB000385

This guide provides an overview of Docker Content Trust and some quick familiarization exercises. It was introduced in Docker Engine 1.8 and Docker CS Engine 1.9.0 and is available in Docker EE.

Docker Content Trust provides strong cryptographic guarantees over what code and what versions of software are being run in your infrastructure. Docker Content Trust integrates The Update Framework (TUF) into Docker using Notary , an open source tool that provides trust over any content.

When a publisher using Docker Content Trust pushes an image to a remote registry, Docker Engine signs the image locally with the publisher’s private key. When a user later pulls this image, Docker Engine uses the publisher’s public key to verify that the image is exactly what the publisher created, has not been tampered with, and is up to date.

More details about the internals of Docker Content Trust can be found in the Docker Blog.

More information about using Docker Content Trust can be found on

Docker Content Trust Motivations

  • Image Provenance is critical for Production
  • Distributed content should be signed
  • Key compromise should be difficult
  • Compromise resilience is important
  • Replay attacks should be hard
  • Existing infrastructure is reused
  • Trusting Docker should not be mandatory

Pull Images with Docker Content Trust

docker pull --disable-content-trust jpetazzo/clock

docker -D pull --disable-content-trust hello-world
docker -D pull hello-world
  • Temporarily disable content trust to successfully pull unsigned content:

  • Enable debug mode to compare the behavior of pulls where signed content is verified to pulls where no trust data is verified:

  • Enable Docker Content Trust:

  • Try to pull unsigned content and observe error messages:

    docker pull jpetazzo/clock

Sign and Push Images with Docker Content Trust

  • Log into Docker Hub with Docker Engine 1.8, Docker CS Engine 1.9.0, or newer:

    docker login
  • With Docker Content Trust enabled, push an image to Hub. When you push, Docker will note you have no keys, create them, and prompt you for a passphrase to encrypt them:

    docker tag <clock image ID> <HubUsername>/clock:latest
    docker -D push <username>/clock:latest 
    Enter key passphrase for offline key with id <yourIDnumber>: 
    Enter passphrase for new tagging key with id<HubUsername>/clock (<yourIDnumber>):