Hello everyone, I have a problem about booting signed images from cinder volumes. I am currently working on OpenStack Ussuri and I have Ceph storage as cinder backend. I have completed the necessary steps to enable glance image verification according to this document [1]. Now, I can create VMs from signed images -if I do not choose the *create new volume* option-. If I try to boot from volume, it throws an error message: "Image certificate validation is not supported when booting from volume". According to [2], Cinder already has an option to use signed images and it is enabled by default, but it seems it does not work. As opposed to this, [3] explains that Cinder has no ability to verify trusted images: *"As of the 18.0.0 Rocky release, trusted image certification validation is not supported with volume-backed (boot from volume) instances. The block storage service support may be available in a future release"* Is there any way to use trusted/signed images when booting from volume? Thanks. 1 - https://docs.openstack.org/nova/ussuri/user/certificate-validation.html 2 - https://docs.openstack.org/cinder/latest/configuration/block-storage/samples/cinder.conf.html 3 - https://docs.openstack.org/nova/ussuri/user/certificate-validation.html -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://lists.openstack.org/pipermail/openstack-discuss/attachments/20230120/d691adde/attachment.htm>