Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1550 Discussions

Pccs use offline mode , Failed to get PCK certs

yeqichao
Beginner
‎02-08-2026 05:20 AM
273 Views
physical machine  is have two cpu support sgx
 
 
yeqichao_5-1770556023685.png

introduce:

ubuntu 20.04 ,5.15.0-101-generic

install sgx_linux_x64_sdk_2.26.100.0.bin

dcap 1.22, Retrieval Tool Version 1.22.100.3

 

now begin

first, pccs sever is running on docker, i build a pccs image to run it:

pccs is offline mode

yeqichao_1-1770555771969.png

second, i use the PCKIDRetrievalTool_v1.22.100.3, log as follows:

yeqichao_0-1770555745133.png

then, I use PccsAdminTool on my own computer to export platform information

yeqichao_6-1770556399915.png

finally,I use the generated platform_list.json to request https://api.trustedservices.intel.com/sgx/certification/v4/ to obtain PCK certs,

yeqichao_7-1770556551389.png

Why did this situation occur? 

The information that can be known more intuitively is that the csv file generated by PCKIDRetrievalTool does not contain platform_manifest information

 

0 Kudos

Link Copied

2 Replies
Benny_Intel
Moderator
‎02-09-2026 02:04 AM
243 Views

Hello,

In your second screenshot, you see the message "Warning: platform manifest is not available or current platform is not multi-package platform.". This leads exactly what you say: the CSV does not contain the platform manifest and as a result, you cannot register the machine.

Please try an "SGX Factory Reset" in the BIOS, which will lead to the availability of a new platform manifest. Note that this will generate new platform keys, which makes it impossible to unseal everything that you might have sealed before. 

You can read more about registration in our TDX Enabling Guide (SGX is currently a requirement for TDX attestation): Infrastructure Setup - Intel® TDX Enabling Guide

If you still face issues with registration afterwards, please run the troubleshooting steps in the TDX Enabling Guide and provide the results.

Best regards,
Benny

0 Kudos
Copy link
yeqichao
Beginner
‎02-11-2026 11:13 PM
209 Views

Thank you very much. I have already solved this issue. It was because the UEFI mode was not selected in the BIOS panel for the boot entry. I also discovered this after consulting the relevant DCAP documentation. The information is described in great detail : https://download.01.org/intel-sgx/sgx-dcap/1.9/linux/docs/Intel_SGX_DCAP_Multipackage_SW.pdf

0 Kudos
Copy link
Reply

Community support is provided Monday to Friday. Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.