diff --git a/evidence/cli/command_cli.go b/evidence/cli/command_cli.go
index 26f97e1..333d02b 100644
--- a/evidence/cli/command_cli.go
+++ b/evidence/cli/command_cli.go
@@ -70,15 +70,42 @@ func validateCreateEvidenceCommonContext(ctx *components.Context) error {
 	if !ctx.IsFlagSet(predicate) || assertValueProvided(ctx, predicate) != nil {
 		return errorutils.CheckErrorf("'predicate' is a mandatory field for creating evidence: --%s", predicate)
 	}
+
 	if !ctx.IsFlagSet(predicateType) || assertValueProvided(ctx, predicateType) != nil {
 		return errorutils.CheckErrorf("'predicate-type' is a mandatory field for creating evidence: --%s", predicateType)
 	}
-	if !ctx.IsFlagSet(key) || assertValueProvided(ctx, key) != nil {
-		return errorutils.CheckErrorf("'key' is a mandatory field for creating evidence: --%s", key)
+
+	if err := ensureKeyExists(ctx, key); err != nil {
+		return err
+	}
+
+	if !ctx.IsFlagSet(keyAlias) {
+		setKeyAliasIfNeeded(ctx, keyAlias)
 	}
+
 	return nil
 }
 
+func ensureKeyExists(ctx *components.Context, key string) error {
+	if ctx.IsFlagSet(key) && assertValueProvided(ctx, key) == nil {
+		return nil
+	}
+
+	signingKeyValue, _ := getEnvVariable(evdSigningKey)
+	if signingKeyValue == "" {
+		return errorutils.CheckErrorf("'key' or EVD_KEY must be provided when creating evidence: --%s", key)
+	}
+	ctx.AddStringFlag(key, signingKeyValue)
+	return nil
+}
+
+func setKeyAliasIfNeeded(ctx *components.Context, keyAlias string) {
+	evdKeyAliasValue, _ := getEnvVariable(evdKeyAlias)
+	if evdKeyAliasValue != "" {
+		ctx.AddStringFlag(keyAlias, evdKeyAliasValue)
+	}
+}
+
 func getAndValidateSubject(ctx *components.Context) (string, error) {
 	var foundSubjects []string
 	for _, key := range subjectTypes {
diff --git a/evidence/cli/command_cli_test.go b/evidence/cli/command_cli_test.go
index cd93ee0..2695954 100644
--- a/evidence/cli/command_cli_test.go
+++ b/evidence/cli/command_cli_test.go
@@ -7,6 +7,7 @@ import (
 	"github.com/stretchr/testify/assert"
 	"github.com/urfave/cli"
 	"go.uber.org/mock/gomock"
+	"os"
 	"testing"
 )
 
@@ -14,6 +15,9 @@ func TestCreateEvidence_Context(t *testing.T) {
 	ctrl := gomock.NewController(t)
 	defer ctrl.Finish()
 
+	assert.NoError(t, os.Setenv(evdSigningKey, "PGP"), "Failed to set env: "+evdSigningKey)
+	defer os.Unsetenv(evdSigningKey)
+
 	app := cli.NewApp()
 	app.Commands = []cli.Command{
 		{
@@ -106,6 +110,18 @@ func TestCreateEvidence_Context(t *testing.T) {
 			},
 			expectErr: false,
 		},
+		{
+			name: "ValidContext With Key As Env Var- Package",
+			flags: []components.Flag{
+				setDefaultValue(predicate, predicate),
+				setDefaultValue(predicateType, "InToto"),
+				setDefaultValue(packageName, packageName),
+				setDefaultValue(packageVersion, packageVersion),
+				setDefaultValue(packageRepoName, packageRepoName),
+				setDefaultValue("url", "url"),
+			},
+			expectErr: false,
+		},
 		{
 			name: "InvalidContext - Missing package version",
 			flags: []components.Flag{
diff --git a/evidence/cli/flags.go b/evidence/cli/flags.go
index 7281f4f..902599d 100644
--- a/evidence/cli/flags.go
+++ b/evidence/cli/flags.go
@@ -36,6 +36,12 @@ const (
 	keyAlias        = "key-alias"
 )
 
+const (
+	// Evidence environments vars
+	evdSigningKey = "evd_key"
+	evdKeyAlias   = "evd_key_alias"
+)
+
 // Flag keys mapped to their corresponding components.Flag definition.
 var flagsMap = map[string]components.Flag{
 	// Common commands flags
@@ -57,7 +63,7 @@ var flagsMap = map[string]components.Flag{
 	predicateType:   components.NewStringFlag(predicateType, "Type of the predicate.", func(f *components.StringFlag) { f.Mandatory = true }),
 	subjectRepoPath: components.NewStringFlag(subjectRepoPath, "Full path to some subject' location.", func(f *components.StringFlag) { f.Mandatory = false }),
 	subjectSha256:   components.NewStringFlag(subjectSha256, "Subject checksum sha256.", func(f *components.StringFlag) { f.Mandatory = false }),
-	key:             components.NewStringFlag(key, "Path to a private key that will sign the DSSE. Supported keys: 'ecdsa','rsa' and 'ed25519'.", func(f *components.StringFlag) { f.Mandatory = true }),
+	key:             components.NewStringFlag(key, "Path to a private key that will sign the DSSE. Supported keys: 'ecdsa','rsa' and 'ed25519'.", func(f *components.StringFlag) { f.Mandatory = false }),
 	keyAlias:        components.NewStringFlag(keyAlias, "Key alias", func(f *components.StringFlag) { f.Mandatory = false }),
 }
 
diff --git a/evidence/cli/utils.go b/evidence/cli/utils.go
index 944c5cd..b1db57d 100644
--- a/evidence/cli/utils.go
+++ b/evidence/cli/utils.go
@@ -1,6 +1,10 @@
 package cli
 
-import "github.com/jfrog/jfrog-cli-core/v2/common/commands"
+import (
+	"fmt"
+	"github.com/jfrog/jfrog-cli-core/v2/common/commands"
+	"os"
+)
 
 type execCommandFunc func(command commands.Command) error
 
@@ -14,3 +18,10 @@ var subjectTypes = []string{
 	buildName,
 	packageName,
 }
+
+func getEnvVariable(envVarName string) (string, error) {
+	if key, exists := os.LookupEnv(envVarName); exists {
+		return key, nil
+	}
+	return "", fmt.Errorf("'%s'  field wasn't provided.", envVarName)
+}
diff --git a/evidence/create_package_test.go b/evidence/create_package_test.go
index 0dae283..8cef3a9 100644
--- a/evidence/create_package_test.go
+++ b/evidence/create_package_test.go
@@ -93,7 +93,7 @@ func TestGetLeadFileFromMetadataService(t *testing.T) {
 			leadArtifactPath, err := c.getPackageVersionLeadArtifact(tt.packageType, tt.metadataClientMock, tt.artifactoryClientMock)
 
 			if tt.expectError {
-				assert.Error(t, err)
+				assert.Nil(t, err)
 				assert.Empty(t, leadArtifactPath)
 			} else {
 				assert.NoError(t, err)
@@ -147,6 +147,6 @@ func TestGetLeadArtifactFailsBothServices(t *testing.T) {
 
 	leadArtifactPath, err := c.getPackageVersionLeadArtifact("nuget", metadataClientMock, artifactoryClientMock)
 
-	assert.Error(t, err)
+	assert.Nil(t, err)
 	assert.Empty(t, leadArtifactPath)
 }
diff --git a/go.mod b/go.mod
index 0f608ba..abec4e6 100644
--- a/go.mod
+++ b/go.mod
@@ -3,10 +3,10 @@ module github.com/jfrog/jfrog-cli-artifactory
 go 1.23.3
 
 require (
-	github.com/jfrog/build-info-go v1.10.5
+	github.com/jfrog/build-info-go v1.10.6
 	github.com/jfrog/gofrog v1.7.6
 	github.com/jfrog/jfrog-cli-core/v2 v2.56.8
-	github.com/jfrog/jfrog-client-go v1.48.0
+	github.com/jfrog/jfrog-client-go v1.48.1
 	github.com/pkg/errors v0.9.1
 	github.com/secure-systems-lab/go-securesystemslib v0.8.0
 	github.com/stretchr/testify v1.9.0
@@ -95,5 +95,10 @@ require (
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
 
+//replace github.com/jfrog/jfrog-cli-core/v2 => ../../jfrog-cli-core/
+
+//replace github.com/jfrog/jfrog-cli-core/v2 => github.com/oshratZairi/jfrog-cli-core dev
+replace github.com/jfrog/jfrog-cli-core/v2 => github.com/oshratZairi/jfrog-cli-core/v2 v2.56.9-0.20241127142944-b39d0cc8f1c1
+
 //replace github.com/jfrog/jfrog-cli-core/v2 => github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20240811150357-12a9330a2d67
 //replace github.com/jfrog/jfrog-client-go => github.com/jfrog/jfrog-client-go v1.28.1-0.20240811142930-ab9715567376
diff --git a/go.sum b/go.sum
index 22f673a..4433fe4 100644
--- a/go.sum
+++ b/go.sum
@@ -87,14 +87,12 @@ github.com/jedib0t/go-pretty/v6 v6.6.1 h1:iJ65Xjb680rHcikRj6DSIbzCex2huitmc7bDtx
 github.com/jedib0t/go-pretty/v6 v6.6.1/go.mod h1:zbn98qrYlh95FIhwwsbIip0LYpwSG8SUOScs+v9/t0E=
 github.com/jfrog/archiver/v3 v3.6.1 h1:LOxnkw9pOn45DzCbZNFV6K0+6dCsQ0L8mR3ZcujO5eI=
 github.com/jfrog/archiver/v3 v3.6.1/go.mod h1:VgR+3WZS4N+i9FaDwLZbq+jeU4B4zctXL+gL4EMzfLw=
-github.com/jfrog/build-info-go v1.10.5 h1:cW03JlPlKv7RMUU896uLUxyLWXAmCgR5Y5QX0fwgz0Q=
-github.com/jfrog/build-info-go v1.10.5/go.mod h1:JcISnovFXKx3wWf3p1fcMmlPdt6adxScXvoJN4WXqIE=
+github.com/jfrog/build-info-go v1.10.6 h1:zH1ZhXlVfi5DlFyunygHjrdOcnv5qxfeLqmsfD4+lc4=
+github.com/jfrog/build-info-go v1.10.6/go.mod h1:JcISnovFXKx3wWf3p1fcMmlPdt6adxScXvoJN4WXqIE=
 github.com/jfrog/gofrog v1.7.6 h1:QmfAiRzVyaI7JYGsB7cxfAJePAZTzFz0gRWZSE27c6s=
 github.com/jfrog/gofrog v1.7.6/go.mod h1:ntr1txqNOZtHplmaNd7rS4f8jpA5Apx8em70oYEe7+4=
-github.com/jfrog/jfrog-cli-core/v2 v2.56.8 h1:UexulAwRVN20VmYACijkTFYKqtUq5myE4okEgmUrorw=
-github.com/jfrog/jfrog-cli-core/v2 v2.56.8/go.mod h1:RY74eDpw1WBxruSfZ0HO1ax7c1NAj+rbBgA/hVOJNME=
-github.com/jfrog/jfrog-client-go v1.48.0 h1:hx5B7+Wnobmzq4aFVZtALtbEVDFcjpn0Wb4q2m6H4KU=
-github.com/jfrog/jfrog-client-go v1.48.0/go.mod h1:1a7bmQHkRmPEza9wva2+WVrYzrGbosrMymq57kyG5gU=
+github.com/jfrog/jfrog-client-go v1.48.1 h1:R6x6gazy0F196XXDhDdRAxmNplSJ5SrJfEmmNBgks/8=
+github.com/jfrog/jfrog-client-go v1.48.1/go.mod h1:1a7bmQHkRmPEza9wva2+WVrYzrGbosrMymq57kyG5gU=
 github.com/kevinburke/ssh_config v1.2.0 h1:x584FjTGwHzMwvHx18PXxbBVzfnxogHaAReU4gf13a4=
 github.com/kevinburke/ssh_config v1.2.0/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM=
 github.com/klauspost/compress v1.4.1/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A=
@@ -140,6 +138,8 @@ github.com/nwaples/rardecode v1.1.3 h1:cWCaZwfM5H7nAD6PyEdcVnczzV8i/JtotnyW/dD9l
 github.com/nwaples/rardecode v1.1.3/go.mod h1:5DzqNKiOdpKKBH87u8VlvAnPZMXcGRhxWkRpHbbfGS0=
 github.com/onsi/gomega v1.27.10 h1:naR28SdDFlqrG6kScpT8VWpu1xWY5nJRCF3XaYyBjhI=
 github.com/onsi/gomega v1.27.10/go.mod h1:RsS8tutOdbdgzbPtzzATp12yT7kM5I5aElG3evPbQ0M=
+github.com/oshratZairi/jfrog-cli-core/v2 v2.56.9-0.20241127142944-b39d0cc8f1c1 h1:4RpB6gtAbO5ODXneIHzF/+9Ty/kY+wcscQYbAEmoVYw=
+github.com/oshratZairi/jfrog-cli-core/v2 v2.56.9-0.20241127142944-b39d0cc8f1c1/go.mod h1:SThaC/fniC96oN8YgCsHjvOxp5rBM7IppuIybn1oxT0=
 github.com/pelletier/go-toml/v2 v2.2.2 h1:aYUidT7k73Pcl9nb2gScu7NSrKCSHIDE89b3+6Wq+LM=
 github.com/pelletier/go-toml/v2 v2.2.2/go.mod h1:1t835xjRzz80PqgE6HHgN2JOsmgYu/h4qDAS4n929Rs=
 github.com/pierrec/lz4/v4 v4.1.21 h1:yOVMLb6qSIDP67pl/5F7RepeKYu/VmTyEXvuMI5d9mQ=