Fix cosign installation steps

Docker_Registry_Install_Guide.md

@@ -433,17 +433,30 @@ sudo update-ca-certificates
 
 # 4. Generate Cosign key pair for image signing
 # Install Cosign (pinned + verified)
-COSIGN_VERSION=v2.2.4
+# Vars
-COSIGN_URL="https://github.com/sigstore/cosign/releases/download/${COSIGN_VERSION}/cosign-linux-amd64"
+COSIGN_VERSION=v2.5.3 # Replace with the latest stable release version
-COSIGN_SHA256="<REPLACE_WITH_OFFICIAL_SHA256>"
+BASE="https://github.com/sigstore/cosign/releases/download/${COSIGN_VERSION}"
+FILE="cosign-linux-amd64"
 
-**⚠️ IMPORTANT:** Replace `<REPLACE_WITH_OFFICIAL_SHA256>` with the official release SHA256 before running.
+cd /tmp
 
-curl -fsSL -o /usr/local/bin/cosign "$COSIGN_URL"
+# 1) Download binary + vendor checksums
-echo "${COSIGN_SHA256}  /usr/local/bin/cosign" | sha256sum -c -
+curl -fsSLO "${BASE}/${FILE}"
-chmod +x /usr/local/bin/cosign
+curl -fsSLO "${BASE}/cosign_checksums.txt"
 
-# Verify installation
+# 2) Verify SHA256 for the exact artifact
+grep "  ${FILE}$" cosign_checksums.txt | sha256sum -c -
+
+# Expect: 'cosign-linux-amd64: OK'
+
+# (If your 'cosign_checksums.txt' has CRLFs and the check fails, do:
+#   sed -i 's/\r$//' cosign_checksums.txt
+# and run the check again.)
+
+# 3) Install
+sudo install -m 0755 "/tmp/${FILE}" /usr/local/bin/cosign
+
+# 4) Sanity check
 cosign version --json
 
 # Generate Cosign key pair (or use keyless OIDC in CI)