Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1494 Discussions

Do we need to Register Azure VM Platform for SGX Remote Attesation ?

Sirasapalli
Beginner
277 Views

Hi, I have setup Azure Attestation Provider, and trying to run an application, with configuration below

 

"pccs_url": "https://<<attestation url>>/certs",

"use_secure_cert": true,

"collateral_service": "https://<<attestation url>>/certs"

"local_pck_url": "https://<<attestation url>>/certs"

 

It always throws No Evidence provided on handshake data, and some time pckcert Wrong tag.

 

Can someone help what could the process to make the application run without errors?

 

Thanks

 

Labels (3)
0 Kudos
1 Reply
Scott_R_Intel
Moderator
170 Views

Hello.

 

If you're trying to download PCK Certs for Azure platforms directly from Intel, you cannot.  You need to get the platform PCK Certs for Azure platforms from their THIMS service.  Please refer to the config file linked below for the correct URLs:

 

https://github.com/intel/SGXDataCenterAttestationPrimitives/blob/main/QuoteGeneration/qcnl/linux/sgx_default_qcnl_azure.conf

 

Regards.

0 Kudos
Reply