diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index f71dcde5e012..7eec4c79918f 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -103,7 +103,7 @@ jobs:
         run: |
           curl $CURL_OPTS --output cosign https://github.com/sigstore/cosign/releases/download/v2.3.0/cosign-linux-amd64
           chmod +x ./cosign
-          COSIGN_KEY="$(printf %s "$COSIGN_KEY" | base64 -d)" ./cosign sign-blob --key env://COSIGN_KEY --tlog-upload=false --output-file=k0s.sig k0s
+          COSIGN_KEY="$(printf %s "$COSIGN_KEY" | base64 -d)" ./cosign sign-blob --key env://COSIGN_KEY --tlog-upload -y --output-file=k0s.sig k0s
           cat k0s.sig
 
       - name: Upload Release Assets - Binary
@@ -195,7 +195,7 @@ jobs:
         run: |
           curl $CURL_OPTS --output cosign https://github.com/sigstore/cosign/releases/download/v2.3.0/cosign-linux-amd64
           chmod +x ./cosign
-          COSIGN_KEY="$(printf %s "$COSIGN_KEY" | base64 -d)" ./cosign sign-blob --key env://COSIGN_KEY --tlog-upload=false --output-file=k0s.exe.sig k0s.exe
+          COSIGN_KEY="$(printf %s "$COSIGN_KEY" | base64 -d)" ./cosign sign-blob --key env://COSIGN_KEY --tlog-upload -y --output-file=k0s.exe.sig k0s.exe
           cat k0s.exe.sig
 
       - name: Clean Docker
@@ -263,7 +263,7 @@ jobs:
         run: |
           curl $CURL_OPTS --output cosign https://github.com/sigstore/cosign/releases/download/v2.3.0/cosign-linux-arm64
           chmod +x ./cosign
-          COSIGN_KEY="$(printf %s "$COSIGN_KEY" | base64 -d)" ./cosign sign-blob --key env://COSIGN_KEY --tlog-upload=false --output-file=k0s.sig k0s
+          COSIGN_KEY="$(printf %s "$COSIGN_KEY" | base64 -d)" ./cosign sign-blob --key env://COSIGN_KEY --tlog-upload -y --output-file=k0s.sig k0s
           cat k0s.sig
 
       - name: Set up Go for smoke tests
@@ -350,7 +350,7 @@ jobs:
         run: |
           curl $CURL_OPTS --output cosign https://github.com/sigstore/cosign/releases/download/v2.3.0/cosign-linux-arm
           chmod +x ./cosign
-          COSIGN_KEY="$(printf %s "$COSIGN_KEY" | base64 -d)" ./cosign sign-blob --key env://COSIGN_KEY --tlog-upload=false --output-file=k0s.sig k0s
+          COSIGN_KEY="$(printf %s "$COSIGN_KEY" | base64 -d)" ./cosign sign-blob --key env://COSIGN_KEY --tlog-upload -y --output-file=k0s.sig k0s
           cat k0s.sig
 
       - name: Set up Go for smoke tests
diff --git a/docs/verifying-signs.md b/docs/verifying-signs.md
index b85b6dcefd51..8c9ab7afcf2a 100644
--- a/docs/verifying-signs.md
+++ b/docs/verifying-signs.md
@@ -8,5 +8,5 @@ Binaries can be verified using the `cosign` tool, for example:
 cosign verify-blob \
   --key https://github.com/k0sproject/k0s/releases/download/v{{{ extra.k8s_version }}}%2Bk0s.0/cosign.pub \
   --signature https://github.com/k0sproject/k0s/releases/download/v{{{ extra.k8s_version }}}%2Bk0s.0/k0s-v{{{ extra.k8s_version }}}+k0s.0-amd64.sig \
-  --payload k0s-v{{{ extra.k8s_version }}}+k0s.0-amd64
+  k0s-v{{{ extra.k8s_version }}}+k0s.0-amd64
 ```