Cannot pull SHA-tagged bitnami/nginx from Docker hub

[fterrani]

Name and Version

bitnami/nginx:sha256-21fec87ab93a628f7082bc6a0531c8fdc586d3a1095be14690dbfb984d46c1f7

What steps will reproduce the bug?

1. Windows 11 with the latest Docker Desktop CLI, run docker pull bitnami/nginx:sha256-21fec87ab93a628f7082bc6a0531c8fdc586d3a1095be14690dbfb984d46c1f7

What is the expected behavior?

Image should be pulled?

What do you see instead?

The following error message:

unsupported media type application/vnd.cncf.notary.signature

Additional information

Greetings.

I've read several documentation pages of Docker, Bitnami and Notation but I cannot understand why the following happens.

I wanted to pull a Bitnami Nginx Docker image from the Docker hub. At first I used the following command:

>docker pull bitnami/nginx:latest
latest: Pulling from bitnami/nginx
eb622c256171: Pull complete
Digest: sha256:0395d4f646e90a60ccbe484078470e9fd26f7d4eabe20323135f70367ce443eb
Status: Downloaded newer image for bitnami/nginx:latest
docker.io/bitnami/nginx:latest

What's next:
    View a summary of image vulnerabilities and recommendations → docker scout quickview bitnami/nginx:latest

Everything seemed to work fine with this one. I then wanted to use a non-rolling tag so I tried to download one of the images listed on Docker hub. Unfortunately I get an error message:

>docker pull bitnami/nginx:sha256-21fec87ab93a628f7082bc6a0531c8fdc586d3a1095be14690dbfb984d46c1f7
sha256-21fec87ab93a628f7082bc6a0531c8fdc586d3a1095be14690dbfb984d46c1f7: Pulling from bitnami/nginx
unsupported media type application/vnd.cncf.notary.signature

I thought that maybe the command syntax wasn't right. So I checked the docker pull command's web page and tried using @ and : instead of : and - respectively, but another error message appears:

>docker pull bitnami/nginx@sha256:21fec87ab93a628f7082bc6a0531c8fdc586d3a1095be14690dbfb984d46c1f7
docker.io/bitnami/nginx@sha256:21fec87ab93a628f7082bc6a0531c8fdc586d3a1095be14690dbfb984d46c1f7: Pulling from bitnami/nginx
unsupported media type application/vnd.oci.empty.v1+json

However, the SHA-tagged image that also matches the latest tag works (which sounds logical):

>docker pull bitnami/nginx@sha256:0395d4f646e90a60ccbe484078470e9fd26f7d4eabe20323135f70367ce443eb
docker.io/bitnami/nginx@sha256:0395d4f646e90a60ccbe484078470e9fd26f7d4eabe20323135f70367ce443eb: Pulling from bitnami/nginx
eb622c256171: Pull complete
Digest: sha256:0395d4f646e90a60ccbe484078470e9fd26f7d4eabe20323135f70367ce443eb
Status: Downloaded newer image for bitnami/nginx@sha256:0395d4f646e90a60ccbe484078470e9fd26f7d4eabe20323135f70367ce443eb
docker.io/bitnami/nginx@sha256:0395d4f646e90a60ccbe484078470e9fd26f7d4eabe20323135f70367ce443eb

What's next:
    View a summary of image vulnerabilities and recommendations → docker scout quickview bitnami/nginx@sha256:0395d4f646e90a60ccbe484078470e9fd26f7d4eabe20323135f70367ce443eb

...but none of the other SHA-tagged image seems to be pullable. Other images with tags ending with .sig or .metadata or .att exist but they don't work either and I don't understand what they are used for.

I've been trying for some time now but I couldn't find any documentation explaining this online. Can you explain me this situation? or point me to the appropriate place to ask if this is not the right one?

Thanks!

[carrodher]

What you're seeing is expected behavior, although Docker Hub does not make it very intuitive.

Not everything listed under the tags section in Docker Hub are runnable container images. In addition to images, the registry also contains OCI artifacts such as signatures and attestations (for example, related to Notation/supply chain security).

The error:

unsupported media type application/vnd.cncf.notary.signature

means that Docker is trying to pull a signature artifact, not a container image. These artifacts are not meant to be pulled or run with docker pull.

Only actual image manifests can be pulled. That’s why this works:

docker pull bitnami/nginx@sha256:0395d4f646e...

but other SHA references fail — they correspond to signatures or metadata, not images.

Regarding the tags ending in .sig, .metadata, etc:

• .sig → cryptographic signatures of the image
• .metadata / attestations → additional supply chain/security information

These are used by tools like Notation for verification, not for running containers.

If you want to use a non-rolling reference, the correct approach is:

1. Pull bitnami/nginx:latest (or a versioned tag)
2. Use the digest shown in the output (the image manifest digest)
3. Pin using: docker pull bitnami/nginx@sha256:<digest>

In the UI you can also see the sha of the latest tag based on the arch:

Unfortunately, Docker Hub currently mixes these artifacts in the UI, which can make it confusing to identify which digests correspond to actual images.

[fterrani]

Many thanks for these explanations!

I read most of these pages which seem to explain why Bitnami's Docker hub content is what it is:

• https://github.com/bitnami/containers/tree/main/bitnami/nginx/1.28
• Upcoming changes to the Bitnami catalog (effective August 28th, 2025) #83267

This was a bit tedious to find. I think this announcement should be made more visible on Docker hub.

One last question: currently (2026-03-27), I can get the latest image using the latest tag or one of the two SHA digests listed in this output:

>docker image ls -a --digests
REPOSITORY    TAG    DIGEST                                                                  IMAGE ID     CREATED    SIZE
bitnami/nginx latest sha256:0395d4f646e90a60ccbe484078470e9fd26f7d4eabe20323135f70367ce443eb 4cba5781f421 2 days ago 107MB
bitnami/nginx latest sha256:7835f294094e4b010dfe4588f9b5681d0d461456e3af26bfab4a141b68453874 4cba5781f421 2 days ago 107MB

Also, I noticed only the latest tag seem to have image artifacts listed under it on the Docker hub. Also, since Bitnami stated the following:

For development purposes, community-tier users are restricted to pulling only the most recent ‘latest’ tags of the limited community-tier subset of container images.

...does this mean that if I execute one of these commands in several months when the currently latest image will have been updated, they will fail/break (EDIT: assuming any kind of image/layer cache is empty)?

• docker pull bitnami/nginx@sha256:0395d4f646e90a60ccbe484078470e9fd26f7d4eabe20323135f70367ce443eb
• docker pull bitnami/nginx@sha256:7835f294094e4b010dfe4588f9b5681d0d461456e3af26bfab4a141b68453874

[carrodher]

Yes, pulling by digest will still work. Here's why:

Tags are mutable pointers. When you push a new image as bitnami/nginx:latest, the latest tag simply moves to point to the new image's digest. The old image is not deleted.

Digests are immutable content addresses. The SHA256 digest is computed from the image manifest's content. It is permanently tied to that exact image, regardless of what tags point to it.