---
title: Verifying the tunnel image
url: https://www.tines.com/docs/admin/tunnel/verifying-the-tunnel-image/
updated: 2025-08-13T12:58:46+00:00
---

*[tines.com](https://www.tines.com/llms.txt) › [Docs](https://www.tines.com/llms.txt) › [Admin](https://www.tines.com/llm/docs/admin.md) › [Tunnel](https://www.tines.com/llm/docs/admin/tunnel.md)*

# Verifying the tunnel image

*[View on tines.com](https://www.tines.com/docs/admin/tunnel/verifying-the-tunnel-image/)*

The Tines tunnel image can be verified with [cosign](https://github.com/sigstore/cosign/releases/). Verifying this way guarantees that the image was built in our Github actions from our main, protected branch.

```bash
cosign verify \
    --certificate-oidc-issuer https://token.actions.githubusercontent.com \
    --certificate-identity-regexp '^https://github.com/tines/tines/\.github/workflows/[^@]+@refs/heads/main$' \
    "tines/tines-tunnel:latest" 
```

You should then get a response:

```
Verification for index.docker.io/tines/tines-tunnel:latest --
The following checks were performed on each of these signatures:
  - The cosign claims were validated
  - Existence of the claims in the transparency log was verified offline
  - The code-signing certificate was verified using trusted certificate authority certificates
```