diagrid workflow archive trust-anchor
Print the region's Sentry CA trust anchor for a project
Description
Print the region's Sentry CA trust anchor (PEM) for a project.
This is the trust bundle that anchors the signing certificates in workflow history archives. Use it to verify archives offline:
diagrid workflow archive trust-anchor -p my-project > sentry-ca.pem diagrid workflow archive verify wf-123.json --trust-anchor sentry-ca.pem
Note: this returns the current trust anchor. Because Sentry roots rotate, it verifies recently-produced archives; verifying older archives may require the trust anchor that was current when they were produced.
diagrid workflow archive trust-anchor [flags]
Examples
# Print the trust anchor to stdout
diagrid workflow archive trust-anchor -p my-project
# Save it to a file
diagrid workflow archive trust-anchor -p my-project --out sentry-ca.pem
Options
-p, --project string Name of existing project
--out string Write the PEM bundle to this file instead of stdout
-h, --help help for trust-anchor
Options inherited from parent commands
--api-key string Diagrid Cloud API key
SEE ALSO
- diagrid workflow archive - Work with workflow history archives