Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
23 Views

PCK Cert api always response 404, what does that means?

Jump to solution

I have tried to setup a DCAP on my machine, and i got the encrypted_ppid/cpusvn/pcesvn/pceid by running PCKIDRetrivalTool.

When I use these params to call https://api.trustedservices.intel.com/sgx/certification/v1/pckcert with -H "Ocp-Apim-Subscription-Key: $myKey", I always get 404 response, which means cert of my machine cannot be found. 

Is anyone met the same problem?

 

By the way, the result from PCKIDRetrivalTool looks good, only PCEID is all zeros(0000).

 

0 Kudos

Accepted Solutions
Highlighted
Employee
23 Views

That's the problem, for the Engineer Sample Chip, there is no the related cert data in Intel's server. I guess that is the root cause why the 404 is returned. 

By the way, for customer, there is only production level products. Not sure why you got one Engineer Sample chip

View solution in original post

0 Kudos
4 Replies
Highlighted
Employee
23 Views

could you please show your script or command to get cert with these parameters?

0 Kudos
Highlighted
Employee
23 Views

and what is your platform type? by the way, currently pceid is 0

0 Kudos
Highlighted
23 Views

1. the script is like below:

export SGXPPID=6e983cda294e6780bca9d38fff38f0a712389c87058a87e1a02e84ca6d71324f4c84df055db8a9ec3b4d11f133f14882d523306471807b7ffb03178c4c0a2e3a9eb5b0ab7a5c03a7df9a0b2bc75866ee27eb73eb7ac819b3be0010f77c7aea7eebbf5ca6a2c27ac92fdf144fe3e071b001f5d65b1ae1e7122a666c28e8c98c20c6041e2a30068fc9dbbdfaa7d8709d90a264264094953058f34e7ced11ad4d8ce96574995f4ee66f12f712055dd20dae7709b4675b6279bf91278dc8a9ffb2c1567699ec728dde1247af833cece9708f15bcd3c3c3b6d8bf68003a2061334dbb9db052ffe8aa25916b9d232d59f0a586776bc5cd876af34aae75d35cd1bafdb6abe16a7bd8a452b042eff5ed2971711e123dad75c8b4978babee59ab725c40ff98ded55bd697a360e518b29569bc914c7974a58d9559dbb3fd48ca020ff1f45eff1371b82f99b395c03dd00a763f1f0af41c7f2f9a0eefdc9f70c4b7a482928ba5ff0410c619792e7e3d6032343a180bb6296eb32d65349856ddda89745d7abb
export CPUSVN=01010205ff8000000000000000000000
export PCESVN=0700
export PCEID=0000
export APIKEY=******************************** # from intel 
export QEID=83f90898720c901856116091c1b2cf30

curl -v GET "https://api.trustedservices.intel.com/sgx/certification/v1/pckcert?encrypted_ppid=$SGXPPID&cpusvn=$CPUSVN&pcesvn=$PCESVN&pceid=$PCEID" -H "Ocp-Apim-Subscription-Key: $APIKEY"

2. my platform

$> uname -a
Linux test-Mehlow-UP-Server-Platform 4.13.0-36-generic #40~16.04.1-Ubuntu SMP Fri Feb 16 23:25:58 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
$> cat /proc/cpuinfo | grep 'model name' | uniq
model name    : Genuine Intel(R) CPU 0000 @ 3.10GHz

it seems like the cpu is an Engineer Sample Chip, does this matter?

 

0 Kudos
Highlighted
Employee
24 Views

That's the problem, for the Engineer Sample Chip, there is no the related cert data in Intel's server. I guess that is the root cause why the 404 is returned. 

By the way, for customer, there is only production level products. Not sure why you got one Engineer Sample chip

View solution in original post

0 Kudos