Intel® Software Guard Extensions (Intel® SGX)
Use hardware-based isolation and memory encryption to provide more code protection in your solutions.
1307 Discussions

Problem of running RA sample code: could not retrieve the sigrl

SunnySun
Beginner
605 Views

Hi, Intel

When I run the RA sample code of sgx-ra-sample. The server can not retrieve the sigrl. And the screenshot is following.

SunnySun_0-1628681080335.png

This picture points out an ERROR: cannot verify api.trustedservices.intel.com's certificate, issued by ‘CN=COMODO RSA Organization Validation Secure Server CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB’: Unable to locally verify the issuer's authority. To connect to api.trustedservices.intel.com insecurely, use `--no-check-certificate'.

 

I have tried the solution of  updating openssl  from 1.1.0 to 1.1.1j, posted by @makura on   Solved: Problem of running RA sample code: could not retrieve the sigrl - Intel Community. However I still have the problem.

 

Can you tell me how to fix this problem. Thanks

 

 

0 Kudos
1 Solution
JesusG_Intel
Moderator
513 Views

Hello SunnySun,


This response means that your system requires a BIOS update from your OEM that includes the latest early-load microcode with the security updates.


This article provides more information:


Remote Attestation Reports Security Vulnerabilities even when Latest Microcode is Installed


Sincerely,

Jesus G.

Intel Customer Support


View solution in original post

5 Replies
JesusG_Intel
Moderator
550 Views

Hello SunnySun,


Please run sudo apt-get update to ensure all your components are up-to-date. Let us know if this helps.


Sincerely,

Jesus G.

Intel Customer Support


SunnySun
Beginner
536 Views

Hello JesusG_Intel,

 

I tried this command and update all components. Unfortunately, this error still exists.

Then I tried to add "--no-check-certificates" to the agent_wget.cpp. It run successfully. Howver the remote attestation returns the following information.

SunnySun_0-1628827847933.png

What's wrong about that?

Sincerely,

SunnySun

JesusG_Intel
Moderator
514 Views

Hello SunnySun,


This response means that your system requires a BIOS update from your OEM that includes the latest early-load microcode with the security updates.


This article provides more information:


Remote Attestation Reports Security Vulnerabilities even when Latest Microcode is Installed


Sincerely,

Jesus G.

Intel Customer Support


JesusG_Intel
Moderator
497 Views

Hello SunnySun,


Do you still need help with this issue?


Sincerely,

Jesus G.

Intel Customer Support


JesusG_Intel
Moderator
468 Views

Hello SunnySun,


I hope the information I provided was helpful to you. Since we haven't heard from you I will close this case. If you need further assistance with this issue, please open a new thread.


Sincerely,

Jesus G.

Intel Customer Support


Reply