- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
https://software.intel.com/zh-cn/articles/how-to-create-self-signed-cert.
i follow this course to get my SSL CERTIFICTE.
I'm breaking down. I tried to operate and register three times. I'm sure I filled in every step carefully. Then upload the CRT file to GitHub and provide the download link to intel. When I get the Intel reply to my SPID, then i use curl (curl -1 --tlsv1.2 -v --key client.key --cert client.crt https://test-as.sgx.trustedservices.intel.com:443/attestation/sgx/v3/sig...) to test wether the register is correct. but the results are wrong. I don't know what's wrong. i'm sure i filled up every item of the CSR.
output:
root@chen:/home/chen/client# curl -1 --tlsv1.2 -v --key client.key --cert client.crt https://test-as.sgx.trustedservices.intel.com:443/attestation/sgx/v3/sig...
Trying 52.22.58.45...
Connected to test-as.sgx.trustedservices.intel.com (52.22.58.45) port 443 (#0)
found 148 certificates in /etc/ssl/certs/ca-certificates.crt
found 597 certificates in /etc/ssl/certs
ALPN, offering http/1.1
gnutls_handshake() failed: The handshake data size is too large.
Closing connection 0
curl: (35) gnutls_handshake() failed: The handshake data size is too large.
env:
ubuntu 16.04
Link Copied
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
i think maybe this course not support linux .
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello.
An issue has been fixed with the SGX IAS dev server. Please try again and let us know if still not working.
Regards.
Scott
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@Scott R. (Intel) (Intel)
i have tried it again.but the result is the same as before.
ouput:
root@chen:/home/chen/client/ca1# curl -1 --tlsv1.2 -v --key client.key --cert client.crt https://test-as.sgx.trustedservices.intel.com:443/attestation/sgx/v3/sigrl/00000ABC
* Trying 52.4.104.33...
* Connected to test-as.sgx.trustedservices.intel.com (52.4.104.33) port 443 (#0)
* found 148 certificates in /etc/ssl/certs/ca-certificates.crt
* found 597 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256
* server certificate verification OK
* server certificate status verification SKIPPED
* common name: test-as.sgx.trustedservices.intel.com (matched)
* server certificate expiration date OK
* server certificate activation date OK
* certificate public key: RSA
* certificate version: #3
* subject: C=US,postalCode=95630,ST=CA,L=Folsom,street=FM1-110,street=1900 Prairie City Rd.,O=Intel Corporation,OU=Hosted by Intel Corporation,OU=Enterprise SSL Pro,CN=test-as.sgx.trustedservices.intel.com
* start date: Mon, 28 Aug 2017 00:00:00 GMT
* expire date: Wed, 28 Aug 2019 23:59:59 GMT
* issuer: C=GB,ST=Greater Manchester,L=Salford,O=COMODO CA Limited,CN=COMODO RSA Organization Validation Secure Server CA
* compression: NULL
* ALPN, server accepted to use http/1.1
> GET /attestation/sgx/v3/sigrl/00000ABC HTTP/1.1
> Host: test-as.sgx.trustedservices.intel.com
> User-Agent: curl/7.47.0
> Accept: */*
>
< HTTP/1.1 404 Not Found
< content-length: 0
< request-id: a30a0073f0d241bfb785d33ce7ff8738
< date: Thu, 24 Jan 2019 08:30:44 GMT
< Connection: keep-alive
<
* Connection #0 to host test-as.sgx.trustedservices.intel.com left intact
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@Scott R. (Intel) (Intel)
i have tried it again.but the result is the same as before.
ouput:
root@chen:/home/chen/client/ca1# curl -1 --tlsv1.2 -v --key client.key --cert client.crt https://test-as.sgx.trustedservices.intel.com:443/attestation/sgx/v3/sig...
* Trying 52.4.104.33...
* Connected to test-as.sgx.trustedservices.intel.com (52.4.104.33) port 443 (#0)
* found 148 certificates in /etc/ssl/certs/ca-certificates.crt
* found 597 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256
* server certificate verification OK
* server certificate status verification SKIPPED
* common name: test-as.sgx.trustedservices.intel.com (matched)
* server certificate expiration date OK
* server certificate activation date OK
* certificate public key: RSA
* certificate version: #3
* subject: C=US,postalCode=95630,ST=CA,L=Folsom,street=FM1-110,street=1900 Prairie City Rd.,O=Intel Corporation,OU=Hosted by Intel Corporation,OU=Enterprise SSL Pro,CN=test-as.sgx.trustedservices.intel.com
* start date: Mon, 28 Aug 2017 00:00:00 GMT
* expire date: Wed, 28 Aug 2019 23:59:59 GMT
* issuer: C=GB,ST=Greater Manchester,L=Salford,O=COMODO CA Limited,CN=COMODO RSA Organization Validation Secure Server CA
* compression: NULL
* ALPN, server accepted to use http/1.1
> GET /attestation/sgx/v3/sigrl/00000ABC HTTP/1.1
> Host: test-as.sgx.trustedservices.intel.com
> User-Agent: curl/7.47.0
> Accept: */*
>
< HTTP/1.1 404 Not Found
< content-length: 0
< request-id: a30a0073f0d241bfb785d33ce7ff8738
< date: Thu, 24 Jan 2019 08:30:44 GMT
< Connection: keep-alive
<
* Connection #0 to host test-as.sgx.trustedservices.intel.com left intact
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Scott R. (Intel) (Intel) wrote:Hello.
An issue has been fixed with the SGX IAS dev server. Please try again and let us know if still not working.
Regards.
Scott
i have tried it again.but the result is the same as before.
output:
root@chen:/home/chen/client/ca1# curl -1 --tlsv1.2 -v --key client.key --cert client.crt https://test-as.sgx.trustedservices.intel.com:443/attestation/sgx/v3/sigrl/00000ABC
* Trying 52.4.104.33...
* Connected to test-as.sgx.trustedservices.intel.com (52.4.104.33) port 443 (#0)
* found 148 certificates in /etc/ssl/certs/ca-certificates.crt
* found 597 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256
* server certificate verification OK
* server certificate status verification SKIPPED
* common name: test-as.sgx.trustedservices.intel.com (matched)
* server certificate expiration date OK
* server certificate activation date OK
* certificate public key: RSA
* certificate version: #3
* subject: C=US,postalCode=95630,ST=CA,L=Folsom,street=FM1-110,street=1900 Prairie City Rd.,O=Intel Corporation,OU=Hosted by Intel Corporation,OU=Enterprise SSL Pro,CN=test-as.sgx.trustedservices.intel.com
* start date: Mon, 28 Aug 2017 00:00:00 GMT
* expire date: Wed, 28 Aug 2019 23:59:59 GMT
* issuer: C=GB,ST=Greater Manchester,L=Salford,O=COMODO CA Limited,CN=COMODO RSA Organization Validation Secure Server CA
* compression: NULL
* ALPN, server accepted to use http/1.1
> GET /attestation/sgx/v3/sigrl/00000ABC HTTP/1.1
> Host: test-as.sgx.trustedservices.intel.com
> User-Agent: curl/7.47.0
> Accept: */*
>
< HTTP/1.1 404 Not Found
< content-length: 0
< request-id: a30a0073f0d241bfb785d33ce7ff8738
< date: Thu, 24 Jan 2019 08:30:44 GMT
< Connection: keep-alive
<
* Connection #0 to host test-as.sgx.trustedservices.intel.com left intact
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello again.
Where are you getting your EPID group ID (00000ABC) from? If that's not a real ID, 404 is expected. You need to use a valid EPID group ID to receive a 200 OK message. I just confirmed this works fine with a valid group ID.
Regards.
Scott
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page