Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1494 Discussions

Problem of running RA sample code: could not retrieve the sigrl

SunnySun
Beginner
‎08-11-2021 04:33 AM
1,629 Views
Solved Jump to solution

Hi, Intel

When I run the RA sample code of sgx-ra-sample. The server can not retrieve the sigrl. And the screenshot is following.

SunnySun_0-1628681080335.png

This picture points out an ERROR: cannot verify api.trustedservices.intel.com's certificate, issued by ‘CN=COMODO RSA Organization Validation Secure Server CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB’: Unable to locally verify the issuer's authority. To connect to api.trustedservices.intel.com insecurely, use `--no-check-certificate'.

 

I have tried the solution of  updating openssl  from 1.1.0 to 1.1.1j, posted by @makura on   Solved: Problem of running RA sample code: could not retrieve the sigrl - Intel Community. However I still have the problem.

 

Can you tell me how to fix this problem. Thanks

 

 

0 Kudos
1 Solution
JesusG_Intel
Moderator
‎08-16-2021 09:38 AM
1,537 Views
Solved Jump to solution

Hello SunnySun,


This response means that your system requires a BIOS update from your OEM that includes the latest early-load microcode with the security updates.


This article provides more information:


Remote Attestation Reports Security Vulnerabilities even when Latest Microcode is Installed


Sincerely,

Jesus G.

Intel Customer Support


View solution in original post

0 Kudos
Copy link

Link Copied

5 Replies
JesusG_Intel
Moderator
‎08-12-2021 12:48 PM
1,574 Views
Solved Jump to solution

Hello SunnySun,


Please run sudo apt-get update to ensure all your components are up-to-date. Let us know if this helps.


Sincerely,

Jesus G.

Intel Customer Support


0 Kudos
Copy link
SunnySun
Beginner
‎08-12-2021 09:12 PM
1,560 Views
Solved Jump to solution
In response to JesusG_Intel

Hello JesusG_Intel,

 

I tried this command and update all components. Unfortunately, this error still exists.

Then I tried to add "--no-check-certificates" to the agent_wget.cpp. It run successfully. Howver the remote attestation returns the following information.

SunnySun_0-1628827847933.png

What's wrong about that?

Sincerely,

SunnySun

In response to JesusG_Intel
0 Kudos
Copy link
JesusG_Intel
Moderator
‎08-16-2021 09:38 AM
1,538 Views
Solved Jump to solution

Hello SunnySun,


This response means that your system requires a BIOS update from your OEM that includes the latest early-load microcode with the security updates.


This article provides more information:


Remote Attestation Reports Security Vulnerabilities even when Latest Microcode is Installed


Sincerely,

Jesus G.

Intel Customer Support


0 Kudos
Copy link
JesusG_Intel
Moderator
‎08-20-2021 10:08 AM
1,521 Views
Solved Jump to solution

Hello SunnySun,


Do you still need help with this issue?


Sincerely,

Jesus G.

Intel Customer Support


0 Kudos
Copy link
JesusG_Intel
Moderator
‎08-25-2021 02:58 PM
1,492 Views
Solved Jump to solution

Hello SunnySun,


I hope the information I provided was helpful to you. Since we haven't heard from you I will close this case. If you need further assistance with this issue, please open a new thread.


Sincerely,

Jesus G.

Intel Customer Support


0 Kudos
Copy link
Reply

Community support is provided Monday to Friday. Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.