Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1540 Discussions

DCAP version and collateral endpoints

Neil_Cohen
Beginner
‎07-17-2025 12:38 PM
3,775 Views

Hi

 

We are using DCAP version 1.16 on azure sgx machines.      

This week we started getting quote verification errors with error code 0xe001 for our enclaves.

We tested and it will be resolved if we upgrade to a newer DCAP library.

 

Are these endpoints no longer compatible with that version of the DCAP lib?

https://global.acccache.azure.net/sgx/certification/v4/

https://api.trustedservices.intel.com/sgx/certification/v4/

 

Thanks

Neil Cohen

0 Kudos

Link Copied

2 Replies
Benny_Intel
Moderator
‎07-18-2025 04:46 AM
3,612 Views

Hallo Neil Cohen,

thank you for reporting this issues, we are currently investigating it.

Is it possible that you use Open Enclave?
Because a very similar issue was just reported in the project's repo (https://github.com/openenclave/openenclave/issues/5069) and already resolved with a recent PR (https://github.com/openenclave/openenclave/pull/5070).

Or do you see the issue using the DCAP library standalone?

Best regards,
Benny

0 Kudos
Copy link
Neil_Cohen
Beginner
‎07-18-2025 07:34 AM
3,587 Views

Hil. We don't use openenclave.  We use a rust wrapper on top of the intel sgx and dcap linux sdks.

It does work now that we upgraded the dcap libs to 1.23 from 1.16.  We are just trying to understand what changed and whether there was notice that we missed.  

 

Our sgx_default_qcnl.conf file contains

//PCCS server address

  "pccs_url": "https://global.acccache.azure.net/sgx/certification/v4/"

 

// PCK Certs and verification collateral will be retrieved using pccs_url 

  ,"collateral_service": "https://api.trustedservices.intel.com/sgx/certification/v4/"

 

Thanks

0 Kudos
Copy link
Reply

Community support is provided Monday to Friday. Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.