Chainguard Libraries Network Requirements

Network requirements for different use cases with Chainguard Libraries

The following sections detail the required network access to use Chainguard Libraries and the related tools such as chainctl.

Access for chainctl and Other Tools

For initial configuration with chainctl as well as for verification of downloaded libraries with cosign and other tools, you must have HTTPS access to the following domains:

  • dl.enforce.dev for download and update of chainctl
  • issuer.enforce.dev for authentication in web console and with chainctl
  • console-api.enforce.dev for web console and chainctl to administrate and use your Chainguard accounts.
  • console.chainguard.dev for the web console to administrate and use your Chainguard accounts.

Access for Libraries

Chainguard Libraries use is transparent for development efforts and typically requires no additional network access for workstations and other infrastructure running builds because the libraries are provided by the repository manager as configured for Java or Python.

The repository manager application must have HTTPS access to the domain libraries.cgr.dev for library access and issuer.enforce.dev for authentication.

If you are accessing Chainguard Libraries directly for testing with curl or with a build tool, the used workstation must have identical access.

Last updated: 2025-06-04 09:30