Signed Panel plugin keep throwing invalid signature error

Hi everyone,

I created a private panel plugin and generated an api key to sign it using the Grafana Toolkit after following this documentation.

The signed panel shows ‘Signed’ in localhost but throws ‘Invalid Plugin Signature’ when deployed in Linux VM/Containerized Linux Image using Azure Kubernetes Service (AKS).

Anyone know what could be the issue?

Thanks in advance.

Private plugins needs to be signed using the root URL of the Grafana instance they’ll be used.

If you only used localhost for the --rootUrls flag, then the plugin will only be signed for your local Grafana instance.

If you want to sign the plugin for multiple instances, you can specify multiple root URLs.

FYI, we’ve recently fixed an issue related to multiple root URLs so make sure to check out the following pull request if you run into issues with this:

Hi Marcus,

I have tried both of the following commands in terminal:

npx @grafana/toolkit plugin:sign --signatureType private --rootUrls http ://localhost:3000/,https ://example.com/,https ://exampletwo.com/,https ://examplethree.com/

npx @grafana/toolkit plugin:sign --rootUrls http ://localhost:3000/,https ://example.com/,https ://exampletwo.com/,https ://examplethree.com/

and this is the outcome generated in MANIFEST.txt for rootUrls:

“rootUrls”: [
“http ://localhost:3000/”,
“https ://example.com/”,
“https ://exampletwo.com/”,
“https ://examplethree.com/”
]

(replaced the urls to example and added spaces after http because of level restrictions)

Everything seems to be fine. I am signing in a Windows device and it’s successful in localhost but not when deployed in the Linux VMs.

Do you think the Linux environment could be creating some issues? I have also tried signing in the Linux environment itself but the error still persist.

I am currently running Grafana v7.5.6 if that could lead to something.