Certificate Errors on deployment

[marioolf]

Environment

I am using Ubuntu 20.04 with SGX 2.17. Installed Teaclave with the following:

sudo docker run --rm -v $(pwd):/teaclave -w /teaclave \
  -it teaclave/teaclave-build-ubuntu-2004-sgx-dcap-1.14:0.2.0 \
   bash -c ". /root/.cargo/env && \
     . /opt/sgxsdk/environment && \
     mkdir -p build && cd build && \
     git config --global --add safe.directory '*' && \
     cmake -DTEST_MODE=ON -DDCAP=ON .. && \
     make -j"

Set environment variables:

export AS_SPID="00000000000000000000000000000000"
export AS_KEY="00000000000000000000000000000000"
export AS_ALGO="sgx_ecdsa"
export AS_URL="https://10.5.4.242:8081"
export TEACLAVE_LOG=trace

Modified build.config.toml so it used DCAP cert.

# Intel Attestation Service root CA certificate to verify attestation report
# as_root_ca_cert = { path = "config/keys/ias_root_ca_cert.pem" }
# For DCAP, use the following cert
as_root_ca_cert = { path = "config/keys/dcap_root_ca_cert.pem" }

AESM service:

● aesmd.service - Intel(R) Architectural Enclave Service Manager
     Loaded: loaded (/lib/systemd/system/aesmd.service; enabled; vendor preset: enabled)
     Active: active (running) since Tue 2023-12-12 17:51:37 UTC; 57min ago
    Process: 20825 ExecStartPre=/opt/intel/sgxpsw/aesm/linksgx.sh (code=exited, status=0/SUCCESS)
    Process: 20834 ExecStartPre=/bin/mkdir -p /var/run/aesmd/ (code=exited, status=0/SUCCESS)
    Process: 20836 ExecStartPre=/bin/chown -R aesmd:aesmd /var/run/aesmd/ (code=exited, status=0/SUCCESS)
    Process: 20837 ExecStartPre=/bin/chmod 0755 /var/run/aesmd/ (code=exited, status=0/SUCCESS)
    Process: 20838 ExecStartPre=/bin/chown -R aesmd:aesmd /var/opt/aesmd/ (code=exited, status=0/SUCCESS)
    Process: 20839 ExecStartPre=/bin/chmod 0750 /var/opt/aesmd/ (code=exited, status=0/SUCCESS)
    Process: 20840 ExecStart=/opt/intel/sgxpsw/aesm/aesm_service (code=exited, status=0/SUCCESS)
   Main PID: 20841 (aesm_service)
      Tasks: 4 (limit: 38387)
     Memory: 3.3M
     CGroup: /system.slice/aesmd.service
             └─20841 /opt/intel/sgxpsw/aesm/aesm_service

dic 12 17:51:47 teaclave-vm aesm_service[20841]: [QCNL] Try memory cache...
dic 12 17:51:47 teaclave-vm aesm_service[20841]: [QCNL] Try remote service...
dic 12 17:51:47 teaclave-vm aesm_service[20841]: [QCNL] Request URL https://10.5.4.242:8081/sgx/certification/v3/pck>...
dic 12 17:51:47 teaclave-vm aesm_service[20841]: [QCNL] HTTP status code: 200
dic 12 17:51:47 teaclave-vm aesm_service[20841]: [QCNL] Try memory cache...
dic 12 17:51:47 teaclave-vm aesm_service[20841]: [QCNL] Retrieved PCK certchain from memory cache successfully.
dic 12 17:51:47 teaclave-vm aesm_service[20841]: [QCNL] Try memory cache...
dic 12 17:51:47 teaclave-vm aesm_service[20841]: [QCNL] Retrieved PCK certchain from memory cache successfully.
dic 12 17:51:47 teaclave-vm aesm_service[20841]: [QCNL] Try memory cache...
dic 12 17:51:47 teaclave-vm aesm_service[20841]: [QCNL] Retrieved PCK certchain from memory cache successfully.

PCCS Service

● pccs.service - Provisioning Certificate Caching Service (PCCS)
     Loaded: loaded (/lib/systemd/system/pccs.service; enabled; vendor preset: enabled)
     Active: active (running) since Tue 2023-12-12 13:59:48 CET; 5h 56min ago
       Docs: https://github.com/intel/SGXDataCenterAttestationPrimitives/blob/master/QuoteGeneration/pccs/README.md
   Main PID: 4156670 (node)
      Tasks: 15 (limit: 538088)
     Memory: 37.3M
        CPU: 2.672s
     CGroup: /system.slice/pccs.service
             └─4156670 /usr/bin/node /opt/intel/sgx-dcap-pccs/pccs_server.js

Dec 12 13:59:48 syp-s1 systemd[1]: Started Provisioning Certificate Caching Service (PCCS).
Dec 12 13:59:50 syp-s1 node[4156670]: 2023-12-12 13:59:50.003 [info]: HTTPS Server is running on: https://localhost:>
Dec 12 18:51:47 syp-s1 node[4156670]: 2023-12-12 18:51:47.805 [info]: Client Request-ID : 999f8a12d6474051b90a2ec262>
Dec 12 18:51:47 syp-s1 node[4156670]: 2023-12-12 18:51:47.832 [info]: 192.168.122.158 - - [12/Dec/2023:17:51:47

Error

Now on ./run-teaclave-services.sh

teaclave-frontend-service          | [ERROR teaclave_frontend_service_enclave] Failed to run service: invalid peer certificate: Other(UnsupportedCertVersion)
teaclave-frontend-service          | [2023-12-12T18:58:34Z DEBUG teaclave_binder::ipc::app] ecall_ipc_entry_point OK. App Received Buf: [123, 34, 69, 114, 114, 34, 58, 34, 83, 101, 114, 118, 105, 99, 101, 69, 114, 114, 111, 114, 34, 125]
teaclave-frontend-service          | [2023-12-12T18:58:34Z DEBUG teaclave_binder::ipc::app] ecall_ipc_app_to_tee: 1002, 4 bytes
teaclave-frontend-service          | [TRACE teaclave_frontend_service_enclave] tee receive cmd: 1002, input_buf = [110, 117, 108, 108]
teaclave-frontend-service          | [DEBUG teaclave_frontend_service_enclave] handle_invoke
teaclave-frontend-service          | [DEBUG teaclave_service_enclave_utils] Enclave finalizing
teaclave-frontend-service          | [DEBUG teaclave_service_enclave_utils] g_peak_heap_used: 614400
teaclave-frontend-service          | [DEBUG teaclave_service_enclave_utils] g_peak_rsrv_mem_committed: 0
teaclave-frontend-service          | [2023-12-12T18:58:34Z DEBUG teaclave_binder::ipc::app] ecall_ipc_entry_point OK. App Received Buf: [123, 34, 79, 107, 34, 58, 110, 117, 108, 108, 125]
teaclave-frontend-service          | [2023-12-12T18:58:34Z DEBUG teaclave_binder::binder] Dropping TeeBinder, start finalize().
teaclave-frontend-service          | [2023-12-12T18:58:34Z DEBUG teaclave_binder::ipc::app] ecall_ipc_app_to_tee: 1002, 4 bytes
teaclave-frontend-service          | [2023-12-12T18:58:34Z ERROR teaclave_binder::ipc::app] ecall_ipc_entry_point, app sgx_error:InvalidEcnalveId
teaclave-frontend-service          | [2023-12-12T18:58:34Z ERROR teaclave_binder::binder] IpcError(SgxError(InvalidEcnalveId))
teaclave-frontend-service exited with code 0

Maybe a problem of self-signed certificates from PCCS? PCCS is on V3.

Thanks in advance.

[marioolf]

Update: I could solve UnsupportedCertVersion error, I had to create a new cert for pccs but with version 3, since it was on version 1, that solved the error. Now I get UnknownIssuer error, which I guess it's because the certificate is a self signed one. I don't know if teaclave has some option to allow that kind of certs.

[ERROR teaclave_sgx_tool_enclave] Failed to attest: invalid peer certificate: UnknownIssuer
[2023-12-13T12:37:33Z DEBUG teaclave_binder::ipc::app] ecall_ipc_entry_point OK. App Received Buf: [123, 34, 69, 114, 114, 34, 58, 34, 83, 101, 114, 118, 105, 99, 101, 69, 114, 114, 111, 114, 34, 125]
[2023-12-13T12:37:33Z DEBUG teaclave_binder::binder] Dropping TeeBinder, start finalize().
[2023-12-13T12:37:33Z DEBUG teaclave_binder::ipc::app] ecall_ipc_app_to_tee: 1002, 4 bytes
[TRACE teaclave_sgx_tool_enclave] tee receive cmd: 1002, input_buf = [110, 117, 108, 108]
[DEBUG teaclave_sgx_tool_enclave] handle_invoke
[DEBUG teaclave_service_enclave_utils] Enclave finalizing
[DEBUG teaclave_service_enclave_utils] g_peak_heap_used: 188416
[DEBUG teaclave_service_enclave_utils] g_peak_rsrv_mem_committed: 0
[2023-12-13T12:37:33Z DEBUG teaclave_binder::ipc::app] ecall_ipc_entry_point OK. App Received Buf: [123, 34, 79, 107, 34, 58, 110, 117, 108, 108, 125]
Error: ServiceError

[henrysun007]

It might help for diagnosis if you put the logs of the DCAP, PCCS and other related services.

[yangfh2004]

Hi, if you are using a self-signed certificate for your PCCS service, there are a few things to pay attention:

1. Open the configuration file for your DCAP attestation under the path /etc/sgx_default_qcnl.conf, and make sure that "use_secure_cert": false
2. Make sure that you are pointing at the correct address under the file pccs_url
3. Use example codes in https://github.com/intel/SGXDataCenterAttestationPrimitives to verify your PCCS works correctly
4. Watch the logs of your PCCS service

[marioolf]

Update: Installed 1.14 version of PCCS on my VM, error is the same, configuration file /etc/sgx_default_qcnl.conf is working well since changes on certs reflect on error logs on teaclave. Sample codes also work as they should. Also ,neither aesmd or pccs services show any errors.

[marioolf]

Some more maybe useful information:

/etc/sgx_default_qcnl.conf content:

{                                                                                                                     
// *** ATTENTION : This file is in JSON format so the keys are case sensitive. Don't change them.                                                                                                                                     
//PCCS server address
"pccs_url": "https://localhost:8082/sgx/certification/v3/",
// To accept insecure HTTPS certificate, set this option to false
"use_secure_cert": false,                                                                                                                                                                                                                 // You can use the Intel PCS or another PCCS to get quote verification collateral.  Retrieval of PCK
// Certificates will always use the PCCS described in PCCS_URL.  When COLLATERAL_SERVICE is not defined, both
// PCK Certs and verification collateral will be retrieved using PCCS_URL
"collateral_service": "https://api.trustedservices.intel.com/sgx/certification/v3/",

pccs:

pccs.service - Provisioning Certificate Caching Service (PCCS)
     Loaded: loaded (/lib/systemd/system/pccs.service; enabled; vendor preset: enabled)
     Active: active (running) since Thu 2023-12-28 13:02:49 UTC; 1h 11min ago
       Docs: https://github.com/intel/SGXDataCenterAttestationPrimitives/blob/master/QuoteGeneration/pccs/README.md
   Main PID: 38890 (node)
      Tasks: 11 (limit: 38387)
     Memory: 69.3M
     CGroup: /system.slice/pccs.service
             └─38890 /usr/bin/node -r esm /opt/intel/sgx-dcap-pccs/pccs_server.js

dic 28 13:02:49 teaclave-vm systemd[1]: Started Provisioning Certificate Caching Service (PCCS).
dic 28 13:02:49 teaclave-vm node[38890]: Thu, 28 Dec 2023 13:02:49 GMT morgan deprecated default format: use combined format at node_modules/esm/esm.js:1:278827
dic 28 13:02:52 teaclave-vm node[38890]: 2023-12-28 13:02:52.187 [info]: HTTPS Server is running on: https://localhost:8082

aesm:

aesmd.service - Intel(R) Architectural Enclave Service Manager
Loaded: loaded (/lib/systemd/system/aesmd.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2023-12-21 16:33:10 UTC; 6 days ago
Main PID: 940 (aesm_service)
Tasks: 4 (limit: 38387)
Memory: 16.3M                                                                                                                                                                                                                                CGroup: /system.slice/aesmd.service
└─940 /opt/intel/sgx-aesm-service/aesm/aesm_service

dic 28 14:07:43 teaclave-vm aesm_service[940]: [QCNL] Try memory cache...
dic 28 14:07:43 teaclave-vm aesm_service[940]: [QCNL] Retrieved PCK certchain from memory cache successfully.
dic 28 14:07:47 teaclave-vm aesm_service[940]: [QCNL] Try memory cache...
dic 28 14:07:47 teaclave-vm aesm_service[940]: [QCNL] Retrieved PCK certchain from memory cache successfully.
dic 28 14:07:47 teaclave-vm aesm_service[940]: [QCNL] Try memory cache...
dic 28 14:07:47 teaclave-vm aesm_service[940]: [QCNL] Retrieved PCK certchain from memory cache successfully.
dic 28 14:07:47 teaclave-vm aesm_service[940]: [QCNL] Try memory cache...
dic 28 14:07:47 teaclave-vm aesm_service[940]: [QCNL] Retrieved PCK certchain from memory cache successfully.
dic 28 14:07:47 teaclave-vm aesm_service[940]: [QCNL] Try memory cache...
dic 28 14:07:47 teaclave-vm aesm_service[940]: [QCNL] Retrieved PCK certchain from memory cache successfully.

[yangfh2004]

It seems that your PCCS service does not log any input or output. Whenever I make SGX DCAP quote, the PCCS service shall log every single API call, its input and output. It seems that either your PCCS log level is too high or you are pointing at the wrong PCCS service.

I suggest that you revise the configuration file /opt/intel/sgx-dcap-pccs/config/default.json and change the LogLevel to info or debug, as long as you make the DCAP quote, you will see much more information from the PCCS service log, don't forget to restart the service after you update the configuration file.

[marioolf]

So I changed LogLevel to debug in /opt/intel/sgx-dcap-pccs/config/default.json:

{
"HTTPS_PORT" : 8082,
"hosts" : "0.0.0.0",
"uri": "https://api.trustedservices.intel.com/sgx/certification/v3/",
...
"LogLevel" : "debug",

Now once I restart pccs service, I run sudo -E ./teaclave_sgx_tool attestation --url https://localhost:8082 --algorithm sgx_ecdsa to test atttestation. Output is the following:

[ERROR teaclave_sgx_tool_enclave] Failed to attest: invalid peer certificate: Other(UnsupportedCertVersion)          
[2024-01-03T10:35:40Z DEBUG teaclave_binder::ipc::app] ecall_ipc_entry_point OK. App Received Buf: [123, 34, 69, 
114, 114, 34, 58, 34, 83, 101, 114, 118, 105, 99, 101, 69, 114, 114, 111, 114, 34, 125]                                  
[2024-01-03T10:35:40Z DEBUG teaclave_binder::binder] Dropping TeeBinder, start finalize().                           
[2024-01-03T10:35:40Z DEBUG teaclave_binder::ipc::app] ecall_ipc_app_to_tee: 1002, 4 bytes                           
[TRACE teaclave_sgx_tool_enclave] tee receive cmd: 1002, input_buf = [110, 117, 108, 108]                            
[DEBUG teaclave_sgx_tool_enclave] handle_invoke                                                                      
[DEBUG teaclave_service_enclave_utils] Enclave finalizing                                                            
[DEBUG teaclave_service_enclave_utils] g_peak_heap_used: 180224                                                      
[DEBUG teaclave_service_enclave_utils] g_peak_rsrv_mem_committed: 0                                                 
[2024-01-03T10:35:40Z DEBUG teaclave_binder::ipc::app] ecall_ipc_entry_point OK. App Received Buf: [123, 34, 79, 107, 34, 58, 110, 117, 108, 108, 125]                                                                                    
Error: ServiceError

PCCS show the following:

● pccs.service - Provisioning Certificate Caching Service (PCCS)
     Loaded: loaded (/lib/systemd/system/pccs.service; enabled; vendor preset: enabled)
     Active: active (running) since Wed 2024-01-03 10:40:22 UTC; 2min 0s ago
       Docs: https://github.com/intel/SGXDataCenterAttestationPrimitives/blob/master/QuoteGeneration/pccs/README.md
   Main PID: 96704 (node)
      Tasks: 11 (limit: 38387)
     Memory: 68.4M
     CGroup: /system.slice/pccs.service
             └─96704 /usr/bin/node -r esm /opt/intel/sgx-dcap-pccs/pccs_server.js

ene 03 10:40:22 teaclave-vm systemd[1]: Started Provisioning Certificate Caching Service (PCCS).
ene 03 10:40:22 teaclave-vm node[96704]: Wed, 03 Jan 2024 10:40:22 GMT morgan deprecated default format: use combined format at node_modules/esm/esm.js:1:278827
ene 03 10:40:25 teaclave-vm node[96704]: 2024-01-03 10:40:25.129 [info]: HTTPS Server is running on: https://localhost:8082

Although log doesn't show more info I must be pointing at the right service, because if I change pccs cert to a v3 cert, error changes as I said to [ERROR teaclave_sgx_tool_enclave] Failed to attest: invalid peer certificate: UnknownIssuer

In fact, command curl -v -k -G "https://localhost:8082/sgx/certification/v3/rootcacrl" returns what it should,

[marioolf]

So doing some testing I used the keys located at /incubator-teaclave/config/keys to try to bypass the error. I used dcap_server_cert.pem and dcap_server_key.pem as my pccs certificate and private key (since the other way around didn't work as it outputs the same error). I was able to solve the issue that way by now, after that, I encountered the following after sudo -E ./teaclave_sgx_tool attestation --url https://localhost:8082 --algorithm sgx_ecdsa:

[TRACE teaclave_attestation::service] HTTP/1.1 404 Not Found                                                             
X-Powered-By: Express                                                                                                
Request-ID: 0e4fa148a288438da52437c0b7db823c                                                                         
Content-Security-Policy: default-src 'none'                                                                          
X-Content-Type-Options: nosniff                                                                                      
Content-Type: text/html; charset=utf-8                                                                               
Content-Length: 169                                                                                                  
Date: Thu, 04 Jan 2024 16:06:15 GMT                                                                                  
Connection: close                                                                                                                                                                                                                         <!DOCTYPE html>                                                                                                      
<html lang="en">                                                                                                    
 <head>                                                                                                               
<meta charset="utf-8">                                                                                               
<title>Error</title>                                                                                                 
</head>                                                                                                              
<body>                                                                                                               
<pre>Cannot POST /sgx/dev/attestation/v4/report</pre>                                                                
</body>                                                                                                              
</html>         
                                                                                                                                                                                                                      [DEBUG teaclave_attestation::service] http_response.parse                                                           
[DEBUG teaclave_attestation::service] Attestation service responds an unknown error                                  
[ERROR teaclave_sgx_tool_enclave] Failed to attest: Attestation service responds an unknown error.

Also pccs service now shows some log info:

ene 04 16:06:15 teaclave-vm node[98964]: 2024-01-04 16:06:15.686 [info]: Client Request-ID : 0e4fa148a288438da52437c0b7db823c
ene 04 16:06:15 teaclave-vm node[98964]: 2024-01-04 16:06:15.694 [info]: 127.0.0.1 - - [04/Jan/2024:16:06:15 +0000] "POST /sgx/dev/attestation/v4/report HTTP/1.1" 404 169 "-" "-"

[yangfh2004]

Something messed up, it calls EPID attestation API to the DCAP PCCS service. Just let you know that you cannot generate a "report" like EPID attestation with DCAP attestation. You will generate a quote from PCCS service if you did everything correctly since you claim that you ran the QuoteGeneration from Intel successfully, I assume that you know this, and you shall be able to generate a quote and verify the quote. So the client machine will verify the quote generated by the remote server. You don't need any report from Intel. All attestation collaterals shall be cached locally in the PCCS service.

[marioolf]

Yes I am aware of all of that, so I am assuming it is a configuration issue from my teaclave? Since it is the one who is making those requests. Maybe there is some config I should change bu I couldn't find propper DCAP deployment documentation.

Also:

admin-ubuntu@teaclave-vm:/opt/intel/SGXDataCenterAttestationPrimitives/SampleCode/QuoteGenerationSample$ ./app                                                                                                                            
Step1: Call sgx_qe_get_target_info:succeed!                                                                          
Step2: Call create_app_report:succeed!                                                                               
Step3: Call sgx_qe_get_quote_size:succeed!                                                                           
Step4: Call sgx_qe_get_quote:succeed!cert_key_type = 0x5

[yangfh2004]

Yes I am aware of all of that, so I am assuming it is a configuration issue from my teaclave? Since it is the one who is making those requests. Maybe there is some config I should change bu I couldn't find propper DCAP deployment documentation.

Also:

admin-ubuntu@teaclave-vm:/opt/intel/SGXDataCenterAttestationPrimitives/SampleCode/QuoteGenerationSample$ ./app                                                                                                                            
Step1: Call sgx_qe_get_target_info:succeed!                                                                          
Step2: Call create_app_report:succeed!                                                                               
Step3: Call sgx_qe_get_quote_size:succeed!                                                                           
Step4: Call sgx_qe_get_quote:succeed!cert_key_type = 0x5

https://www.intel.com/content/www/us/en/developer/articles/guide/intel-software-guard-extensions-data-center-attestation-primitives-quick-install-guide.html This is the best official doc I can find from Intel. For the teaclave, I am afraid that you might need to trace down the source code and find out why. If there is a bug, you may submit a PR to fix it.

[marioolf]

I might need to trace down source code, nevertheless, I am only able to bypass the certificate error using the attestation tool to test it, if I try to load teaclave services, I get NotValidForName error, using teaclave DCAP certificates on PCCS service. So I guess there should be another solution to make it work. It would be great to know if PCCS needs some particular type of certificates or some kind of config needs to be changed to make it work.

teaclave-authentication-service    | [DEBUG teaclave_attestation::platform::sgx] ocall_sgx_get_quote
teaclave-authentication-service    | [DEBUG teaclave_attestation::platform::sgx] sgx verify report
teaclave-access-control-service    | [TRACE rustls::client::client_conn] EarlyData rejected
teaclave-authentication-service    | [DEBUG teaclave_attestation::platform::sgx] sgx sha256 slice
teaclave-authentication-service    | [DEBUG teaclave_attestation::service] get_report
teaclave-access-control-service    | [TRACE rustls::conn] Dropping CCS
teaclave-access-control-service    | [DEBUG rustls::client::tls13] TLS1.3 encrypted extensions: []
teaclave-authentication-service    | [TRACE teaclave_attestation::service] POST /sgx/dev/attestation/v4/report HTTP/1.1
teaclave-authentication-service    |     HOST: 172.17.0.1
teaclave-authentication-service    |     Ocp-Apim-Subscription-Key: 00000000000000000000000000000000
teaclave-authentication-service    |     Connection: Close
teaclave-authentication-service    |     Content-Length: 6334
teaclave-authentication-service    |     Content-Type: application/json
teaclave-authentication-service    |     
teaclave-authentication-service    |     {"isvEnclaveQuote":"AwACAAAAAAAIAA0Ak5pyM/ecTKmUCg2zlX8GB0dalgfhMXFAFe27s3vcx64AAAAACw0QD///AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwAAAAAAAADnAAAAAAAAAHwfecnmm1QBCa4W7UcC2/XNhE9gLeDIg5t09O7T13f9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACD1xnnferKFHD2uvYqTXdDA8iZ22kCD5xw7h38CMfOngAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABKjBywACcWAXi38PHqOTE03JrkfERRgiEMS49ky4xxxjzHcPj9QXQ0/sQNq6mBG6NzRa4ZOsQcwVeAKl29lv6LyRAAAKt9/e6gfVLPQLK1UCJDnQEqEw4zMICsnqFefGXZk14Nd3tpDBrFJxmnVBqdO89mOegDVXOfvKVkGNGY8ftN9V0hmhosm+Wf7U6JcVif56CdZIp1BqS7XDJtfjOzabrIJECp/Ep8kP3M+XfHO8T6PJ+8w1/uYU7PuQS1C64u6CLzCw0QD///AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFQAAAAAAAADnAAAAAAAAAIzlhoW+NuRhh8Izx+me1v5127M/dWetohewd+zYz4L5AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACMT1d115ZQPpYTf3fGioKaAFasje1wFAsIGwlEkMV7/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACqS6/fjR4y6gHK9tNpIcS/gEmcVshtWFHRyExBUyQBCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAh9lFIKCJWBuRZv6JtBt1P0EhuXLrp43IN1j6KxP/OK5DRl9NnDsZhwT79BVan3xkxjav1zmC0MNeedYwwgEZACAAAAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8FAGEOAAAtLS0tLUJFR0lOIENFUlRJRklDQVRFLS0tLS0KTUlJRThqQ0NCSmlnQXdJQkFnSVVBTWNIOFJMeUhURXBTdml2M09Qa08xTm9tSUl3Q2dZSUtvWkl6ajBFQXdJdwpjREVpTUNBR0ExVUVBd3daU1c1MFpXd2dVMGRZSUZCRFN5QlFiR0YwWm05eWJTQkRRVEVhTUJnR0ExVUVDZ3dSClNXNTBaV3dnUTI5eWNHOXlZWFJwYjI0eEZEQVNCZ05WQkFjTUMxTmhiblJoSUVOc1lYSmhNUXN3Q1FZRFZRUUkKREFKRFFURUxNQWtHQTFVRUJoTUNWVk13SGhjTk1qTXhNakkzTVRBek1UUTRXaGNOTXpBeE1qSTNNVEF6TVRRNApXakJ3TVNJd0lBWURWUVFEREJsSmJuUmxiQ0JUUjFnZ1VFTkxJRU5sY25ScFptbGpZWFJsTVJvd0dBWURWUVFLCkRCRkpiblJsYkNCRGIzSndiM0poZEdsdmJqRVVNQklHQTFVRUJ3d0xVMkZ1ZEdFZ1EyeGhjbUV4Q3pBSkJnTlYKQkFnTUFrTkJNUXN3Q1FZRFZRUUdFd0pWVXpCWk1CTUdCeXFHU000OUFnRUdDQ3FHU000OUF3RUhBMElBQkthUApxWlNTOERUNVVyMHhEWmlEQnhPRDNZT0o5YzBJN3BCanNSOUo5OW95enVJbm9qZlE4eE9oUExwb3lrcU9kWkxJCjkxZXA1VkUzZW5JRGhRYWtrZCtqZ2dNT01JSURDakFmQmdOVkhTTUVHREFXZ0JTVmIxM052UnZoNlVCSnlkVDAKTTg0QlZ3dmVWREJyQmdOVkhSOEVaREJpTUdDZ1hxQmNobHBvZEhSd2N6b3ZMMkZ3YVM1MGNuVnpkR1ZrYzJWeQpkbWxqWlhNdWFXNTBaV3d1WTI5dEwzTm5lQzlqWlhKMGFXWnBZMkYwYVc5dUwzWXpMM0JqYTJOeWJEOWpZVDF3CmJHRjBabTl5YlNabGJtTnZaR2x1Wnoxa1pYSXdIUVlEVlIwT0JCWUVGS3N4OUNLRXJyWVlUblk2TEVXbi9IYTIKMkQ5dE1BNEdBMVVkRHdFQi93UUVBd0lHd0RBTUJnTlZIUk1CQWY4RUFqQUFNSUlDT3dZSktvWklodmhOQVEwQgpCSUlDTERDQ0FpZ3dIZ1lLS29aSWh2aE5BUTBCQVFRUVQya2pFcU01MTBZNFFkR1Z3Qk9kTkRDQ0FXVUdDaXFHClNJYjRUUUVOQVFJd2dnRlZNQkFHQ3lxR1NJYjRUUUVOQVFJQkFnRUxNQkFHQ3lxR1NJYjRUUUVOQVFJQ0FnRUwKTUJBR0N5cUdTSWI0VFFFTkFRSURBZ0VETUJBR0N5cUdTSWI0VFFFTkFRSUVBZ0VETUJFR0N5cUdTSWI0VFFFTgpBUUlGQWdJQS96QVJCZ3NxaGtpRytFMEJEUUVDQmdJQ0FQOHdFQVlMS29aSWh2aE5BUTBCQWdjQ0FRRXdFQVlMCktvWklodmhOQVEwQkFnZ0NBUUF3RUFZTEtvWklodmhOQVEwQkFna0NBUUF3RUFZTEtvWklodmhOQVEwQkFnb0MKQVFBd0VBWUxLb1pJaHZoTkFRMEJBZ3NDQVFBd0VBWUxLb1pJaHZoTkFRMEJBZ3dDQVFBd0VBWUxLb1pJaHZoTgpBUTBCQWcwQ0FRQXdFQVlMS29aSWh2aE5BUTBCQWc0Q0FRQXdFQVlMS29aSWh2aE5BUTBCQWc4Q0FRQXdFQVlMCktvWklodmhOQVEwQkFoQUNBUUF3RUFZTEtvWklodmhOQVEwQkFoRUNBUTB3SHdZTEtvWklodmhOQVEwQkFoSUUKRUFzTEF3UC8vd0VBQUFBQUFBQUFBQUF3RUFZS0tvWklodmhOQVEwQkF3UUNBQUF3RkFZS0tvWklodmhOQVEwQgpCQVFHTUdCcUFBQUFNQThHQ2lxR1NJYjRUUUVOQVFVS0FRRXdIZ1lLS29aSWh2aE5BUTBCQmdRUU1BVmNGY25DCnVBWERtdWtwMW0xYnhUQkVCZ29xaGtpRytFMEJEUUVITURZd0VBWUxLb1pJaHZoTkFRMEJCd0VCQWY4d0VBWUwKS29aSWh2aE5BUTBCQndJQkFRQXdFQVlMS29aSWh2aE5BUTBCQndNQkFRQXdDZ1lJS29aSXpqMEVBd0lEU0FBdwpSUUlnQzF6b2lkbEcvaWxWdlBEUFhzZkw2RmpGa0JxbDg5OFdqdno5MG55NDhsSUNJUUNxMmFzbmcyaFdNMmY1Ci9XS0h5NmI3OVljWDdIdmRoc1B2amc0M005S2UwZz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0KLS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUNsakNDQWoyZ0F3SUJBZ0lWQUpWdlhjMjlHK0hwUUVuSjFQUXp6Z0ZYQzk1VU1Bb0dDQ3FHU000OUJBTUMKTUdneEdqQVlCZ05WQkFNTUVVbHVkR1ZzSUZOSFdDQlNiMjkwSUVOQk1Sb3dHQVlEVlFRS0RCRkpiblJsYkNCRApiM0p3YjNKaGRHbHZiakVVTUJJR0ExVUVCd3dMVTJGdWRHRWdRMnhoY21FeEN6QUpCZ05WQkFnTUFrTkJNUXN3CkNRWURWUVFHRXdKVlV6QWVGdzB4T0RBMU1qRXhNRFV3TVRCYUZ3MHpNekExTWpFeE1EVXdNVEJhTUhBeElqQWcKQmdOVkJBTU1HVWx1ZEdWc0lGTkhXQ0JRUTBzZ1VHeGhkR1p2Y20wZ1EwRXhHakFZQmdOVkJBb01FVWx1ZEdWcwpJRU52Y25CdmNtRjBhVzl1TVJRd0VnWURWUVFIREF0VFlXNTBZU0JEYkdGeVlURUxNQWtHQTFVRUNBd0NRMEV4CkN6QUpCZ05WQkFZVEFsVlRNRmt3RXdZSEtvWkl6ajBDQVFZSUtvWkl6ajBEQVFjRFFnQUVOU0IvN3QyMWxYU08KMkN1enB4dzc0ZUpCNzJFeURHZ1c1clhDdHgydFZUTHE2aEtrNnorVWlSWkNucVI3cHNPdmdxRmVTeGxtVGxKbAplVG1pMldZejNxT0J1ekNCdURBZkJnTlZIU01FR0RBV2dCUWlaUXpXV3AwMGlmT0R0SlZTdjFBYk9TY0dyREJTCkJnTlZIUjhFU3pCSk1FZWdSYUJEaGtGb2RIUndjem92TDJObGNuUnBabWxqWVhSbGN5NTBjblZ6ZEdWa2MyVnkKZG1salpYTXVhVzUwWld3dVkyOXRMMGx1ZEdWc1UwZFlVbTl2ZEVOQkxtUmxjakFkQmdOVkhRNEVGZ1FVbFc5ZAp6YjBiNGVsQVNjblU5RFBPQVZjTDNsUXdEZ1lEVlIwUEFRSC9CQVFEQWdFR01CSUdBMVVkRXdFQi93UUlNQVlCCkFmOENBUUF3Q2dZSUtvWkl6ajBFQXdJRFJ3QXdSQUlnWHNWa2kwdytpNlZZR1czVUYvMjJ1YVhlMFlKRGoxVWUKbkErVGpEMWFpNWNDSUNZYjFTQW1ENXhrZlRWcHZvNFVveWlTWXhyRFdMbVVSNENJOU5LeWZQTisKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQotLS0tLUJFR0lOIENFUlRJRklDQVRFLS0tLS0KTUlJQ2p6Q0NBalNnQXdJQkFnSVVJbVVNMWxxZE5JbnpnN1NWVXI5UUd6a25CcXd3Q2dZSUtvWkl6ajBFQXdJdwphREVhTUJnR0ExVUVBd3dSU1c1MFpXd2dVMGRZSUZKdmIzUWdRMEV4R2pBWUJnTlZCQW9NRVVsdWRHVnNJRU52CmNuQnZjbUYwYVc5dU1SUXdFZ1lEVlFRSERBdFRZVzUwWVNCRGJHRnlZVEVMTUFrR0ExVUVDQXdDUTBFeEN6QUoKQmdOVkJBWVRBbFZUTUI0WERURTRNRFV5TVRFd05EVXhNRm9YRFRRNU1USXpNVEl6TlRrMU9Wb3dhREVhTUJnRwpBMVVFQXd3UlNXNTBaV3dnVTBkWUlGSnZiM1FnUTBFeEdqQVlCZ05WQkFvTUVVbHVkR1ZzSUVOdmNuQnZjbUYwCmFXOXVNUlF3RWdZRFZRUUhEQXRUWVc1MFlTQkRiR0Z5WVRFTE1Ba0dBMVVFQ0F3Q1EwRXhDekFKQmdOVkJBWVQKQWxWVE1Ga3dFd1lIS29aSXpqMENBUVlJS29aSXpqMERBUWNEUWdBRUM2bkV3TURJWVpPai9pUFdzQ3phRUtpNwoxT2lPU0xSRmhXR2pibkJWSmZWbmtZNHUzSWprRFlZTDBNeE80bXFzeVlqbEJhbFRWWXhGUDJzSkJLNXpsS09CCnV6Q0J1REFmQmdOVkhTTUVHREFXZ0JRaVpReldXcDAwaWZPRHRKVlN2MUFiT1NjR3JEQlNCZ05WSFI4RVN6QkoKTUVlZ1JhQkRoa0ZvZEhSd2N6b3ZMMk5sY25ScFptbGpZWFJsY3k1MGNuVnpkR1ZrYzJWeWRtbGpaWE11YVc1MApaV3d1WTI5dEwwbHVkR1ZzVTBkWVVtOXZkRU5CTG1SbGNqQWRCZ05WSFE0RUZnUVVJbVVNMWxxZE5JbnpnN1NWClVyOVFHemtuQnF3d0RnWURWUjBQQVFIL0JBUURBZ0VHTUJJR0ExVWRFd0VCL3dRSU1BWUJBZjhDQVFFd0NnWUkKS29aSXpqMEVBd0lEU1FBd1JnSWhBT1cvNVFrUitTOUNpU0RjTm9vd0x1UFJMc1dHZi9ZaTdHU1g5NEJnd1R3ZwpBaUVBNEowbHJIb01zK1hvNW8vc1g2TzlRV3hIUkF2WlVHT2RSUTdjdnFSWGFxST0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo="}
teaclave-access-control-service    | [DEBUG rustls::client::hs] ALPN protocol is None
teaclave-authentication-service    | [DEBUG rustls::anchors] add_parsable_certificates processed 1 valid and 0 invalid certs
teaclave-access-control-service    | [TRACE rustls::client::tls13] Server cert is [Certificate(b"0\x82\x0520\x82\x03\x1a\xa0\x03\x02\x01\x02\x02\x14M\x9d\xab\x81\xdap\xaf\x92s\xa7_\x0e\xd2\x84Py\x99\xb3\xa8\xf20\r\x06\t*\x86H\x86\xf7\r\x01\x01\x0b\x05\00K1\x0b0\t\x06\x03U\x04\x06\x13\x02US1\x0b0\t\x06\x03U\x04\x08\x0c\x02CA1\x140\x12\x06\x03U\x04\n\x0c\x0bTeaclave CA1\x190\x17\x06\x03U\x04\x03\x0c\x10Teaclave Root CA0\x1e\x17\r200205190921Z\x17\r300202190921Z0A1\x0b0\t\x06\x03U\x04\x06\x13\x02US1\x0b0\t\x06\x03U\x04\x08\x0c\x02CA1\x110\x0f\x06\x03U\x04\n\x0c\x08Teaclave1\x120\x10\x06\x03U\x04\x03\x0c\tlocalhost0\x82\x02\"0\r\x06\t*\x86H\x86\xf7\r\x01\x01\x01\x05\0\x03\x82\x02\x0f\00\x82\x02\n\x02\x82\x02\x01\0\xf0\x19b\x8ftM\xfeP\xa1lbyGT\xb0\xa6t\x96\xad\xd7{K,Y\xf7d\xaf\xf9\x92J\xbb\xe9:\xa1tz-\xb6\xfa\xffJ\n\xad.=\xca\x878\"YXd\xe4\xb4b\x0b\xear\x99\xf9\xa4\xf3\xfd\xb8E\\*$l\xa1C\xbdzP\x99K\xde\xd2L\xd8\xecP\x98\xbbi\x95\x97\x88v\xf4\x18\xc7\xd8\xe56H\x81\xc4\xc8\t\x1b\x03{\xdes5`p!\x90\x13\xd7\xb4\x97\xef\xcdp/\xc2\xd7|@K\x0e\xb8\xd5n}\rH\x01\x81|R\x0euw\x17+Y\xfd\n\xa3\xb3\xcb\x1f\x0boQ\xa6\xa0\x9f\x05\xd0\xd0\xff6X\x07\xb6\xcaBx\xc3\x99\xf8\x92(pl\xf0\xa4\xa2\xe48K\xc3\x85\x94\x02\xb6\\HAZ\xe0P=m\xd0\x87\xc5j\xa3=Q\xd2[C\xa2v`\xb0>\x93\xadE\x90\x7fj\x04\xb2]LX,\xd8\x84\x8e`8\x80b\x86\x98P\xb4\x16\xc6!\x02\x97\xc5qn\x8d\xb0\xfa\xb0\x87\x06\xa5?\x17\x88\xa2\xe4\x9d\xeeU\xc8\xb1\xa3\x94\x10\xe4\xfcT\x8e\x8a\n#\x94y_\xb8\xd7\x0e\x14\xe5\xb7{\x1d=\xf8E\xed\xb8\x9f \x13s\x1emd\x03u\xc1\"\xa0-}\x990\x8fB\t\xe0^\xb9\x0e\xb3Tg\xd6\xe2\x85\xe1\x8f\x10\xc4\xa2\xd1\xd5\x8e\x93uXR\x8a^\x1f[\xd1\xcd'\xa5\xc0\xc1\xd6\xd4{\x8f\xad\xa0\xecZ\x1b2\x9fI\x01\xd6\x87\x86xw,'\xc7\xda\xcf\x1f\x06\xc2\xcd\xa1f\xb9\x1f]\x86b8\xf3Y \x95\xab\xc4A?;o\xa2\xd8\nTx\xb4\xd3\xed[\xac\xa3f\x9b\\Y/\x9ao\xd6\xedp\xcf\xbb\xfb\x13I\x04Do\xa6\xb7/\x1bDRfZ\xd8\xd0`\x84]\x93\xd0\xb5\x88\r\x0eb%/\x1c\x89\x14/\x05\xd5B5\xa8\x89*\xe2\x84\xb2Q\x84\x82\xf2\x8f\x1c\xae\xf1\xa1\xe30*L<\xf9Fwz\xa8\xb8[\x0f\xd19\x873\x131gO\x84\x96\xe8\x029\xfd;\x184\xca\x0b\xb8)+\x9a\x17\xe6\xd8\xb3\xbd\xbd\x89\xd7\xf8\xc2\xffd-\te\xf1\xf9\x1e\x19\xeeX\x9b\x94\xc4\xc7\xce#/\x02\x03\x01\0\x01\xa3\x180\x160\x14\x06\x03U\x1d\x11\x04\r0\x0b\x82\tlocalhost0\r\x06\t*\x86H\x86\xf7\r\x01\x01\x0b\x05\0\x03\x82\x02\x01\0K\xcb\xa5?4\x08\x88\xcb\x038\xcd\xdb\xa5\xa9\x90\xf9\xfb9\x9e\xc8M\x11\xbb\xbf2\xb8uJ\x8f'\x8b\xda/ \xe6\xe9\t\x19\xbb\xcb7\xc0\xd5\x07\x9b\x81\x14\x7f\xc0\x86\x8a\r8\x1f6=\r\x11\x1c%\xbeN\x8a\x88Ba;X\xcb\x83+\xb5\x17\n\xd8\xb9\xcb4\xe8\tK\xcb\n)\xb4[\x85\x19XL#\xf8\xd7a\xc2\xa1\xb6\x9d\xbc\xef1~\xf4!?[\xa88bJpC\xbd\xc7\xc3\xfam2\x82\xd4ITH\xfd\xd5u\x12C<\xb3\xdc\t\xe9\x9fZ\x8b\xae\xc8\xe1h\xdb3\xea\x13\x98\xfb\xfdGW\x95C\xde\xed)\xe0\xd0\xfd \x1a?\xdd\xd4\xcd\xa9W\x8cC\xd0\xc9\xf7\xcf\xe7m\xc4MK\xdf\xdaZ[\xd9[8\x035\xd5\x96\xc7&\xa4\xe4\x04C\xd4\xb9\x82\x19Z\xacR\xdd\nb\xd8Z@(\xb2\xe2E\rzU\xe5\xe0\xb6\xb1\xe6\x82Pe\xa5C\x94\xad\x80\\AF\xd5\x8azV;z4\x1c\x97}\x0e\xe2sr\xbfq\x8b\x030\xffG&\x05=_\xdfc7\xbb(\xff\xc4d\x9f\x05\xf6 \xeboY\xef\x9d\x88\xbb\x1a\x98e\xa7\x0872\xf0\x16'<\xa2U\xf1\"\x9d\x8c\xfe\x804\x9c\xe8;@L-%V8~\xdd\xb3\xff\x92\x8c\xd3\x19\xde\xcaD\xfe\x9a\xc4\x0f[\xbc\x0f>\xb0O\xc8:\xec\xac\xd6\x83sg\xc5r2\x06\xd9\x902?\x83\t[P\xa4\x83\xb3<]\x9f/\xc5\xec\xfc-\xe5#q\xb8}w\xfbjd\x80\x87\xd5\rH\x84\x9d\xa3p\x01wlu\0uj!\xe4\xaeG\xc2\x84\x15W!\xd2B\x95C\xf2\xf1V\xe7<G\xb3\x10j\x8f\xdf\xe8\xc0\xd5\x12y\xefN\xac \x05\x9e\x9e\x03\x80\xd3kA6\xff\xd4\x18\x051k\x94\x86\x15\xb9\x1b*\xf9mC\xdf6,l\xce\xa8\xde4\x8f\xe64\xaf}\xde\x10]*+\xb4\x9b\xea\x1b%\x1c2\xe8^\xed\xc3\xbcA\xbe:m?\xe5\x1aeA\x89\xf7'\xdb\xe0\x01D\xdd\xeb\x0f\xba\xa1\x96F-\xfa\x9fEz\xaa\xf3\xa9\x17\xcd\xb8Mc\xbd\xdf\xdcAa\xcb\x88\xea\xc9m")]
teaclave-execution-service         | [2024-01-05T11:07:21Z TRACE teaclave_config::runtime] Loaded config from runtime.config.toml: RuntimeConfig { api_endpoints: ApiEndpointsConfig { frontend: ApiEndpoint { listen_address: 0.0.0.0:7777 }, authentication: ApiEndpoint { listen_address: 0.0.0.0:7776 } }, internal_endpoints: InternalEndpointsConfig { access_control: InternalEndpoint { listen_address: 0.0.0.0:17779, advertised_address: "https://teaclave-access-control-service:17779" }, authentication: InternalEndpoint { listen_address: 0.0.0.0:17776, advertised_address: "https://teaclave-authentication-service:17776" }, management: InternalEndpoint { listen_address: 0.0.0.0:17777, advertised_address: "https://teaclave-management-service:17777" }, storage: InternalEndpoint { listen_address: 0.0.0.0:17778, advertised_address: "https://teaclave-storage-service:17778" }, execution: InternalEndpoint { listen_address: 0.0.0.0:17770, advertised_address: "https://teaclave-execution-service:17770" }, scheduler: InternalEndpoint { listen_address: 0.0.0.0:17780, advertised_address: "https://teaclave-scheduler-service:17780" } }, audit: AuditConfig { enclave_info_source: Path("enclave_info.toml"), auditor_signatures_source: [Path("auditors/godzilla/godzilla.sign.sha256"), Path("auditors/optimus_prime/optimus_prime.sign.sha256"), Path("auditors/albus_dumbledore/albus_dumbledore.sign.sha256")], enclave_info_bytes: [91, 116, 101, 97, 99, 108, 97, 118, 101, 95, 97, 99, 99, 101, 115, 115, 95, 99, 111, 110, 116, 114, 111, 108, 95, 115, 101, 114, 118, 105, 99, 101, 93, 10, 109, 114, 95, 101, 110, 99, 108, 97, 118, 101, 32, 61, 32, 34, 52, 49, 100, 102, 57, 56, 50, 52, 101, 55, 48, 101, 50, 99, 97, 98, 49, 56, 101, 98, 51, 56, 50, 102, 54, 57, 101, 100, 52, 97, 53, 56, 100, 55, 54, 98, 97, 49, 97, 48, 50, 57, 100, 99, 99, 55, 49, 52, 101, 48, 99, 50, 99, 56, 98, 98, 52, 49, 55, 97, 49, 101, 55, 53, 34, 10, 109, 114, 95, 115, 105, 103, 110, 101, 114, 32, 32, 61, 32, 34, 56, 51, 100, 55, 49, 57, 101, 55, 55, 100, 101, 97, 99, 97, 49, 52, 55, 48, 102, 54, 98, 97, 102, 54, 50, 97, 52, 100, 55, 55, 52, 51, 48, 51, 99, 56, 57, 57, 100, 98, 54, 57, 48, 50, 48, 102, 57, 99, 55, 48, 101, 101, 49, 100, 102, 99, 48, 56, 99, 55, 99, 101, 57, 101, 34, 10, 91, 116, 101, 97, 99, 108, 97, 118, 101, 95, 97, 117, 116, 104, 101, 110, 116, 105, 99, 97, 116, 105, 111, 110, 95, 115, 101, 114, 118, 105, 99, 101, 93, 10, 109, 114, 95, 101, 110, 99, 108, 97, 118, 101, 32, 61, 32, 34, 55, 99, 49, 102, 55, 57, 99, 57, 101, 54, 57, 98, 53, 52, 48, 49, 48, 57, 97, 101, 49, 54, 101, 100, 52, 55, 48, 50, 100, 98, 102, 53, 99, 100, 56, 52, 52, 102, 54, 48, 50, 100, 101, 48, 99, 56, 56, 51, 57, 98, 55, 52, 102, 52, 101, 101, 100, 51, 100, 55, 55, 55, 102, 100, 34, 10, 109, 114, 95, 115, 105, 103, 110, 101, 114, 32, 32, 61, 32, 34, 56, 51, 100, 55, 49, 57, 101, 55, 55, 100, 101, 97, 99, 97, 49, 52, 55, 48, 102, 54, 98, 97, 102, 54, 50, 97, 52, 100, 55, 55, 52, 51, 48, 51, 99, 56, 57, 57, 100, 98, 54, 57, 48, 50, 48, 102, 57, 99, 55, 48, 101, 101, 49, 100, 102, 99, 48, 56, 99, 55, 99, 101, 57, 101, 34, 10, 91, 116, 101, 97, 99, 108, 97, 118, 101, 95, 101, 120, 101, 99, 117, 116, 105, 111, 110, 95, 115, 101, 114, 118, 105, 99, 101, 93, 10, 109, 114, 95, 101, 110, 99, 108, 97, 118, 101, 32, 61, 32, 34, 100, 54, 101, 53, 102, 48, 100, 49, 57, 53, 98, 49, 54, 53, 102, 50, 49, 57, 49, 50, 51, 52, 98, 97, 100, 102, 55, 49, 99, 54, 56, 48, 54, 52, 52, 99, 99, 53, 102, 49, 102, 55, 55, 57, 55, 53, 102, 100, 54, 48, 53, 99, 49, 48, 101, 51, 99, 97, 51, 51, 100, 53, 49, 97, 34, 10, 109, 114, 95, 115, 105, 103, 110, 101, 114, 32, 32, 61, 32, 34, 56, 51, 100, 55, 49, 57, 101, 55, 55, 100, 101, 97, 99, 97, 49, 52, 55, 48, 102, 54, 98, 97, 102, 54, 50, 97, 52, 100, 55, 55, 52, 51, 48, 51, 99, 56, 57, 57, 100, 98, 54, 57, 48, 50, 48, 102, 57, 99, 55, 48, 101, 101, 49, 100, 102, 99, 48, 56, 99, 55, 99, 101, 57, 101, 34, 10, 91, 116, 101, 97, 99, 108, 97, 118, 101, 95, 102, 114, 111, 110, 116, 101, 110, 100, 95, 115, 101, 114, 118, 105, 99, 101, 93, 10, 109, 114, 95, 101, 110, 99, 108, 97, 118, 101, 32, 61, 32, 34, 98, 99, 48, 97, 56, 100, 99, 98, 102, 55, 55, 57, 50, 48, 48, 50, 48, 101, 97, 56, 57, 48, 53, 51, 49, 55, 53, 53, 52, 100, 55, 51, 99, 100, 51, 101, 55, 100, 56, 53, 50, 102, 53, 54, 100, 52, 98, 54, 100, 98, 97, 56, 51, 99, 53, 53, 101, 50, 97, 101, 99, 102, 99, 100, 34, 10, 109, 114, 95, 115, 105, 103, 110, 101, 114, 32, 32, 61, 32, 34, 56, 51, 100, 55, 49, 57, 101, 55, 55, 100, 101, 97, 99, 97, 49, 52, 55, 48, 102, 54, 98, 97, 102, 54, 50, 97, 52, 100, 55, 55, 52, 51, 48, 51, 99, 56, 57, 57, 100, 98, 54, 57, 48, 50, 48, 102, 57, 99, 55, 48, 101, 101, 49, 100, 102, 99, 48, 56, 99, 55, 99, 101, 57, 101, 34, 10, 91, 116, 101, 97, 99, 108, 97, 118, 101, 95, 102, 117, 110, 99, 116, 105, 111, 110, 97, 108, 95, 116, 101, 115, 116, 115, 93, 10, 109, 114, 95, 101, 110, 99, 108, 97, 118, 101, 32, 61, 32, 34, 99, 53, 48, 99, 55, 99, 57, 57, 101, 49, 98, 48, 54, 56, 101, 100, 49, 56, 55, 98, 55, 53, 57, 97, 48, 55, 102, 57, 98, 97, 97, 55, 50, 50, 52, 98, 57, 54, 101, 100, 56, 48, 56, 98, 57, 55, 101, 99, 99, 53, 50, 51, 57, 97, 56, 99, 50, 101, 101, 50, 53, 99, 55, 102, 34, 10, 109, 114, 95, 115, 105, 103, 110, 101, 114, 32, 32, 61, 32, 34, 56, 51, 100, 55, 49, 57, 101, 55, 55, 100, 101, 97, 99, 97, 49, 52, 55, 48, 102, 54, 98, 97, 102, 54, 50, 97, 52, 100, 55, 55, 52, 51, 48, 51, 99, 56, 57, 57, 100, 98, 54, 57, 48, 50, 48, 102, 57, 99, 55, 48, 101, 101, 49, 100, 102, 99, 48, 56, 99, 55, 99, 101, 57, 101, 34, 10, 91, 116, 101, 97, 99, 108, 97, 118, 101, 95, 105, 110, 116, 101, 103, 114, 97, 116, 105, 111, 110, 95, 116, 101, 115, 116, 115, 93, 10, 109, 114, 95, 101, 110, 99, 108, 97, 118, 101, 32, 61, 32, 34, 57, 53, 99, 101, 52, 99, 53, 54, 57, 54, 51, 55, 51, 55, 57, 101, 53, 56, 100, 49, 48, 48, 57, 54, 100, 100, 55, 97, 98, 102, 98, 49, 49, 56, 100, 55, 54, 100, 101, 57, 102, 55, 55, 53, 97, 99, 51, 99, 97, 52, 55, 99, 48, 53, 57, 57, 54, 57, 54, 98, 55, 48, 57, 98, 34, 10, 109, 114, 95, 115, 105, 103, 110, 101, 114, 32, 32, 61, 32, 34, 56, 51, 100, 55, 49, 57, 101, 55, 55, 100, 101, 97, 99, 97, 49, 52, 55, 48, 102, 54, 98, 97, 102, 54, 50, 97, 52, 100, 55, 55, 52, 51, 48, 51, 99, 56, 57, 57, 100, 98, 54, 57, 48, 50, 48, 102, 57, 99, 55, 48, 101, 101, 49, 100, 102, 99, 48, 56, 99, 55, 99, 101, 57, 101, 34, 10, 91, 116, 101, 97, 99, 108, 97, 118, 101, 95, 109, 97, 110, 97, 103, 101, 109, 101, 110, 116, 95, 115, 101, 114, 118, 105, 99, 101, 93, 10, 109, 114, 95, 101, 110, 99, 108, 97, 118, 101, 32, 61, 32, 34, 53, 49, 99, 100, 54, 101, 48, 55, 98, 56, 49, 52, 97, 97, 49, 48, 98, 100, 97, 54, 99, 52, 54, 57, 56, 97, 98, 50, 56, 54, 56, 50, 56, 56, 53, 52, 57, 100, 99, 57, 99, 101, 102, 101, 102, 102, 97, 97, 56, 98, 100, 101, 56, 51, 49, 55, 55, 54, 97, 102, 102, 98, 56, 50, 34, 10, 109, 114, 95, 115, 105, 103, 110, 101, 114, 32, 32, 61, 32, 34, 56, 51, 100, 55, 49, 57, 101, 55, 55, 100, 101, 97, 99, 97, 49, 52, 55, 48, 102, 54, 98, 97, 102, 54, 50, 97, 52, 100, 55, 55, 52, 51, 48, 51, 99, 56, 57, 57, 100, 98, 54, 57, 48, 50, 48, 102, 57, 99, 55, 48, 101, 101, 49, 100, 102, 99, 48, 56, 99, 55, 99, 101, 57, 101, 34, 10, 91, 116, 101, 97, 99, 108, 97, 118, 101, 95, 115, 99, 104, 101, 100, 117, 108, 101, 114, 95, 115, 101, 114, 118, 105, 99, 101, 93, 10, 109, 114, 95, 101, 110, 99, 108, 97, 118, 101, 32, 61, 32, 34, 56, 49, 97, 97, 99, 99, 99, 100, 50, 54, 97, 56, 55, 99, 51, 99, 100, 49, 102, 98, 54, 49, 49, 48, 97, 102, 52, 100, 101, 102, 53, 101, 97, 102, 99, 53, 52, 49, 49, 101, 53, 98, 102, 50, 54, 52, 49, 98, 102, 102, 99, 49, 55, 99, 101, 101, 54, 50, 55, 52, 57, 102, 97, 52, 34, 10, 109, 114, 95, 115, 105, 103, 110, 101, 114, 32, 32, 61, 32, 34, 56, 51, 100, 55, 49, 57, 101, 55, 55, 100, 101, 97, 99, 97, 49, 52, 55, 48, 102, 54, 98, 97, 102, 54, 50, 97, 52, 100, 55, 55, 52, 51, 48, 51, 99, 56, 57, 57, 100, 98, 54, 57, 48, 50, 48, 102, 57, 99, 55, 48, 101, 101, 49, 100, 102, 99, 48, 56, 99, 55, 99, 101, 57, 101, 34, 10, 91, 116, 101, 97, 99, 108, 97, 118, 101, 95, 115, 116, 111, 114, 97, 103, 101, 95, 115, 101, 114, 118, 105, 99, 101, 93, 10, 109, 114, 95, 101, 110, 99, 108, 97, 118, 101, 32, 61, 32, 34, 51, 101, 100, 54, 98, 51, 53, 50, 102, 52, 56, 97, 100, 52, 53, 99, 55, 48, 101, 48, 51, 97, 52, 98, 97, 48, 101, 51, 97, 54, 99, 100, 53, 53, 52, 98, 98, 100, 52, 49, 51, 55, 50, 57, 100, 99, 97, 48, 52, 100, 57, 102, 55, 49, 56, 53, 49, 98, 50, 55, 100, 99, 51, 53, 34, 10, 109, 114, 95, 115, 105, 103, 110, 101, 114, 32, 32, 61, 32, 34, 56, 51, 100, 55, 49, 57, 101, 55, 55, 100, 101, 97, 99, 97, 49, 52, 55, 48, 102, 54, 98, 97, 102, 54, 50, 97, 52, 100, 55, 55, 52, 51, 48, 51, 99, 56, 57, 57, 100, 98, 54, 57, 48, 50, 48, 102, 57, 99, 55, 48, 101, 101, 49, 100, 102, 99, 48, 56, 99, 55, 99, 101, 57, 101, 34, 10, 91, 116, 101, 97, 99, 108, 97, 118, 101, 95, 117, 110, 105, 116, 95, 116, 101, 115, 116, 115, 93, 10, 109, 114, 95, 101, 110, 99, 108, 97, 118, 101, 32, 61, 32, 34, 100, 54, 57, 52, 100, 52, 55, 101, 55, 57, 56, 48, 55, 102, 101, 98, 97, 99, 49, 57, 49, 53, 54, 56, 51, 52, 99, 50, 97, 97, 49, 52, 57, 57, 99, 56, 102, 101, 52, 52, 50, 57, 51, 49, 53, 54, 57, 53, 48, 49, 97, 102, 98, 57, 51, 54, 97, 101, 51, 100, 50, 101, 102, 100, 34, 10, 109, 114, 95, 115, 105, 103, 110, 101, 114, 32, 32, 61, 32, 34, 56, 51, 100, 55, 49, 57, 101, 55, 55, 100, 101, 97, 99, 97, 49, 52, 55, 48, 102, 54, 98, 97, 102, 54, 50, 97, 52, 100, 55, 55, 52, 51, 48, 51, 99, 56, 57, 57, 100, 98, 54, 57, 48, 50, 48, 102, 57, 99, 55, 48, 101, 101, 49, 100, 102, 99, 48, 56, 99, 55, 99, 101, 57, 101, 34, 10], auditor_signatures_bytes: [[72, 203, 95, 240, 178, 58, 112, 100, 180, 50, 23, 33, 159, 214, 209, 252, 128, 160, 150, 130, 64, 221, 93, 1, 92, 187, 148, 141, 70, 144, 61, 40, 241, 5, 173, 24, 215, 131, 95, 44, 175, 209, 146, 189, 54, 110, 118, 198, 194, 132, 171, 214, 60, 33, 244, 19, 77, 232, 41, 59, 209, 66, 182, 238, 189, 232, 68, 235, 171, 99, 116, 14, 100, 201, 15, 166, 212, 124, 69, 224, 0, 165, 183, 210, 139, 125, 199, 38, 1, 200, 168, 94, 242, 15, 156, 5, 131, 218, 81, 124, 167, 207, 32, 208, 72, 174, 40, 170, 226, 158, 211, 220, 125, 151, 249, 163, 97, 201, 29, 161, 15, 142, 137, 46, 161, 123, 161, 127, 195, 98, 59, 14, 158, 222, 194, 167, 184, 245, 226, 73, 80, 187, 25, 250, 48, 160, 22, 8, 88, 184, 126, 90, 181, 184, 190, 155, 71, 171, 128, 19, 40, 68, 79, 37, 30, 12, 31, 223, 8, 103, 145, 149, 136, 206, 72, 27, 143, 237, 29, 86, 94, 68, 233, 62, 118, 250, 225, 77, 167, 167, 221, 111, 171, 35, 224, 55, 135, 178, 174, 131, 241, 188, 165, 89, 182, 101, 54, 232, 61, 107, 100, 4, 96, 231, 131, 147, 25, 133, 94, 118, 203, 246, 168, 211, 53, 82, 166, 142, 222, 51, 38, 43, 173, 144, 176, 230, 0, 81, 137, 40, 165, 219, 195, 166, 228, 118, 75, 154, 108, 61, 6, 117, 75, 111, 181, 254, 97, 23, 117, 21, 225, 173, 228, 98, 92, 59, 139, 18, 24, 27, 174, 81, 74, 124, 47, 113, 172, 115, 43, 189, 202, 82, 125, 42, 235, 183, 36, 143, 57, 90, 91, 242, 215, 98, 233, 239, 37, 129, 157, 155, 58, 190, 96, 84, 2, 157, 203, 226, 36, 153, 156, 98, 66, 110, 204, 99, 32, 160, 45, 167, 144, 153, 85, 22, 225, 79, 165, 21, 218, 218, 145, 230, 65, 184, 186, 211, 67, 26, 187, 214, 76, 142, 229, 163, 188, 13, 135, 252, 148, 114, 76, 187, 93, 33, 130, 117, 64, 19, 62, 234, 66, 117, 16, 254, 114, 96, 203, 13, 29, 42, 80, 191, 137, 159, 249, 126, 187, 73, 75, 218, 129, 53, 110, 95, 53, 79, 222, 182, 144, 91, 221, 193, 212, 117, 57, 190, 53, 126, 155, 93, 128, 73, 175, 131, 129, 61, 32, 12, 63, 57, 252, 76, 66, 238, 109, 228, 210, 214, 163, 165, 127, 4, 205, 195, 105, 0, 176, 122, 109, 94, 212, 61, 195, 15, 130, 84, 233, 250, 26, 248, 198, 194, 231, 210, 87, 120, 160, 25, 103, 6, 89, 97, 223, 204, 139, 201, 16, 36, 172, 131, 180, 15, 145, 19, 138, 95, 196, 161, 106, 38, 192, 166, 0, 117, 159, 13, 191, 38, 11, 227, 151, 80, 210, 31, 99, 168, 176, 81, 219, 215, 94, 173, 1, 129, 63, 120, 16, 109, 254, 84, 131, 155, 234, 190, 88, 140, 224, 77, 122, 66, 153, 169], [132, 113, 111, 112, 69, 213, 152, 220, 170, 102, 105, 60, 59, 38, 82, 200, 58, 254, 156, 241, 76, 153, 245, 119, 232, 174, 70, 96, 198, 108, 233, 243, 96, 24, 229, 221, 66, 25, 165, 39, 250, 147, 64, 249, 144, 15, 192, 240, 244, 30, 100, 89, 168, 120, 12, 34, 119, 14, 60, 104, 91, 215, 53, 46, 110, 49, 99, 220, 128, 223, 224, 115, 143, 44, 28, 186, 15, 40, 40, 169, 172, 217, 112, 128, 171, 192, 186, 2, 209, 28, 229, 214, 222, 54, 243, 152, 248, 71, 209, 179, 192, 227, 57, 1, 153, 36, 200, 32, 48, 163, 153, 220, 32, 49, 28, 30, 166, 141, 98, 230, 239, 60, 42, 45, 239, 253, 248, 196, 76, 230, 28, 235, 151, 81, 63, 184, 235, 247, 128, 45, 241, 118, 76, 114, 171, 147, 91, 166, 176, 205, 252, 89, 146, 64, 136, 67, 157, 210, 148, 199, 101, 71, 134, 189, 109, 245, 126, 7, 147, 70, 237, 240, 167, 225, 5, 217, 33, 64, 75, 190, 96, 212, 253, 231, 218, 17, 187, 201, 27, 8, 47, 241, 70, 11, 79, 160, 51, 123, 240, 173, 150, 216, 164, 146, 119, 155, 190, 30, 194, 167, 64, 180, 65, 161, 28, 195, 209, 38, 168, 3, 123, 109, 37, 107, 50, 89, 31, 3, 192, 20, 234, 65, 189, 231, 182, 135, 154, 124, 249, 147, 57, 22, 69, 235, 131, 78, 106, 59, 113, 248, 132, 252, 190, 51, 172, 10, 65, 206, 18, 228, 225, 112, 48, 19, 57, 97, 214, 193, 17, 163, 191, 61, 138, 165, 4, 54, 6, 66, 101, 239, 39, 108, 103, 236, 137, 74, 152, 236, 187, 223, 216, 127, 8, 248, 35, 177, 17, 245, 60, 171, 60, 168, 197, 224, 87, 200, 58, 4, 234, 146, 64, 24, 164, 25, 102, 16, 175, 147, 89, 190, 135, 216, 234, 224, 204, 177, 4, 142, 162, 180, 150, 132, 190, 113, 176, 144, 244, 90, 138, 147, 249, 15, 54, 46, 113, 190, 6, 176, 104, 243, 60, 113, 144, 24, 162, 35, 194, 250, 9, 176, 211, 145, 114, 179, 87, 100, 96, 131, 190, 65, 73, 206, 102, 253, 126, 59, 12, 31, 148, 252, 224, 244, 85, 10, 172, 100, 255, 88, 203, 245, 29, 180, 106, 25, 249, 123, 183, 67, 62, 141, 99, 3, 243, 200, 136, 176, 97, 202, 226, 251, 112, 145, 114, 107, 171, 187, 39, 26, 1, 157, 76, 1, 45, 103, 184, 17, 199, 93, 83, 41, 89, 38, 157, 48, 28, 37, 36, 125, 198, 101, 45, 159, 192, 193, 209, 112, 224, 232, 209, 99, 211, 30, 74, 27, 212, 6, 31, 39, 235, 196, 68, 102, 188, 89, 249, 255, 16, 100, 222, 22, 156, 120, 255, 218, 219, 228, 165, 187, 58, 199, 161, 224, 110, 161, 6, 136, 107, 253, 252, 150, 29, 185, 30, 97, 113, 168, 171, 221, 169, 18, 94, 73, 15, 95, 153, 6, 27, 191, 192, 200, 135, 38], [108, 155, 199, 119, 143, 32, 97, 66, 17, 162, 146, 100, 31, 108, 61, 206, 160, 199, 218, 60, 94, 223, 203, 242, 139, 146, 22, 112, 212, 164, 128, 213, 240, 31, 96, 252, 243, 23, 170, 113, 112, 217, 61, 202, 16, 172, 69, 84, 247, 175, 15, 13, 62, 43, 60, 37, 171, 169, 9, 52, 6, 225, 211, 70, 171, 192, 152, 249, 21, 180, 242, 173, 110, 213, 253, 118, 1, 213, 28, 59, 79, 117, 204, 213, 253, 255, 4, 136, 30, 39, 247, 2, 132, 144, 172, 134, 49, 82, 127, 187, 99, 244, 61, 107, 118, 76, 198, 26, 21, 247, 31, 120, 112, 124, 194, 182, 175, 102, 156, 88, 96, 98, 53, 111, 24, 24, 249, 111, 90, 60, 99, 121, 169, 114, 125, 183, 250, 5, 250, 168, 188, 89, 240, 64, 66, 229, 16, 185, 13, 104, 48, 77, 165, 110, 224, 215, 35, 35, 188, 95, 190, 221, 21, 241, 200, 47, 216, 110, 158, 167, 219, 183, 139, 175, 232, 240, 3, 26, 94, 100, 180, 37, 130, 181, 126, 37, 122, 64, 194, 66, 146, 179, 26, 172, 142, 244, 162, 110, 67, 29, 23, 193, 216, 117, 81, 23, 217, 249, 228, 132, 194, 232, 96, 76, 73, 101, 209, 103, 196, 101, 103, 24, 231, 197, 24, 35, 9, 171, 202, 188, 14, 24, 104, 114, 92, 244, 159, 38, 118, 56, 231, 235, 27, 232, 178, 223, 81, 247, 80, 215, 196, 164, 3, 70, 107, 139, 154, 218, 195, 206, 143, 207, 122, 157, 28, 122, 14, 22, 53, 154, 189, 84, 102, 21, 34, 70, 31, 148, 101, 180, 18, 133, 168, 143, 99, 118, 128, 112, 234, 11, 233, 165, 132, 96, 13, 171, 72, 218, 63, 114, 140, 213, 126, 155, 241, 103, 7, 77, 95, 36, 156, 30, 164, 240, 89, 55, 225, 64, 24, 2, 31, 71, 36, 171, 47, 141, 226, 16, 240, 209, 135, 96, 130, 33, 134, 150, 56, 11, 174, 86, 255, 236, 226, 42, 2, 198, 245, 150, 24, 179, 181, 46, 121, 78, 193, 161, 169, 56, 88, 99, 84, 130, 5, 166, 138, 95, 175, 244, 35, 60, 154, 246, 183, 56, 228, 59, 15, 18, 90, 39, 168, 220, 158, 212, 182, 110, 177, 141, 67, 17, 8, 128, 150, 145, 1, 50, 167, 149, 188, 134, 59, 79, 239, 203, 221, 123, 142, 196, 224, 254, 95, 198, 228, 35, 145, 167, 136, 23, 86, 19, 162, 54, 86, 110, 111, 180, 173, 43, 65, 83, 11, 2, 173, 231, 218, 11, 55, 13, 81, 141, 79, 161, 218, 196, 177, 84, 205, 215, 5, 6, 39, 57, 11, 97, 172, 41, 201, 151, 18, 36, 179, 215, 176, 156, 58, 4, 158, 40, 183, 232, 236, 31, 246, 39, 174, 138, 91, 45, 8, 156, 224, 64, 129, 213, 180, 191, 237, 183, 212, 15, 191, 138, 248, 202, 12, 198, 187, 90, 217, 28, 83, 143, 165, 159, 117, 148, 55, 21, 13, 110, 224, 77]] }, attestation: AttestationServiceConfig { algorithm: "sgx_ecdsa", url: "https://172.17.0.1:8082", key: "00000000000000000000000000000000", spid: "00000000000000000000000000000000" }, mount: MountConfig { fusion_base_dir: "/tmp/fusion_data" } }
teaclave-execution-service         | [2024-01-05T11:07:29Z DEBUG teaclave_binder::binder] EnclaveID: 2
teaclave-execution-service         | [2024-01-05T11:07:29Z DEBUG teaclave_binder::ipc::app] ecall_ipc_app_to_tee: 1001, 4 bytes
teaclave-access-control-service    | [ERROR teaclave_access_control_service_enclave] Failed to run service: invalid peer certificate: NotValidForName
teaclave-access-control-service    | [2024-01-05T11:06:48Z DEBUG teaclave_binder::ipc::app] ecall_ipc_entry_point OK. App Received Buf: [123, 34, 69, 114, 114, 34, 58, 34, 83, 101, 114, 118, 105, 99, 101, 69, 114, 114, 111, 114, 34, 125]

[marioolf]

Could someone explain me the correlation between these keys and my pccs service keys? Do I need to change cert and key and add my pccs files? Is it necessary to have a particular type of certificate on the pccs? Should It work with no changes for development and testing?

[marioolf]

So I was able to temporary bypass the certification problems, but the issue with de 404 error is still there:

[TRACE teaclave_attestation::service] HTTP/1.1 404 Not Found                                                             
X-Powered-By: Express                                                                                                
Request-ID: 0e4fa148a288438da52437c0b7db823c                                                                         
Content-Security-Policy: default-src 'none'                                                                          
X-Content-Type-Options: nosniff                                                                                      
Content-Type: text/html; charset=utf-8                                                                               
Content-Length: 169                                                                                                  
Date: Thu, 04 Jan 2024 16:06:15 GMT                                                                                  
Connection: close                                                                                                                                                                                                                         <!DOCTYPE html>                                                                                                      
<html lang="en">                                                                                                    
 <head>                                                                                                               
<meta charset="utf-8">                                                                                               
<title>Error</title>                                                                                                 
</head>                                                                                                              
<body>                                                                                                               
<pre>Cannot POST /sgx/dev/attestation/v4/report</pre>                                                                
</body>                                                                                                              
</html>         
                                                                                                                                                                                                                      [DEBUG teaclave_attestation::service] http_response.parse                                                           
[DEBUG teaclave_attestation::service] Attestation service responds an unknown error                                  
[ERROR teaclave_sgx_tool_enclave] Failed to attest: Attestation service responds an unknown error.

● pccs.service - Provisioning Certificate Caching Service (PCCS)
Loaded: loaded (/lib/systemd/system/pccs.service; enabled; preset: enabled)
Active: active (running) since Thu 2024-02-01 19:03:32 CET; 24min ago
Docs: https://github.com/intel/SGXDataCenterAttestationPrimitives/blob/master/QuoteGeneration/pccs/README.md
Main PID: 726334 (node)
Tasks: 15 (limit: 538163)
Memory: 38.0M
CPU: 2.239s
CGroup: /system.slice/pccs.service
 └─726334 /usr/bin/node /opt/intel/sgx-dcap-pccs/pccs_server.js
Feb 01 19:03:32 syp-s1 systemd[1]: Started pccs.service - Provisioning Certificate Caching Service (PCCS).
Feb 01 19:03:33 syp-s1 node[726334]: 2024-02-01 19:03:33.470 [info]: HTTPS Server is running on: https://localhost:8081
Feb 01 19:27:49 syp-s1 node[726334]: 2024-02-01 19:27:49.545 [info]: Client Request-ID : e78567d41444428f94bde3b583db8092
Feb 01 19:27:49 syp-s1 node[726334]: 2024-02-01 19:27:49.576 [info]: 192.168.122.158 - - [01/Feb/2024:18:27:49 +0000] "POST /sgx/dev/attestation/v4/report HTTP/1.1" 404 169 "-" "-"

Maybe some kind of config? It seems to be using EPID but as I already showed everything should be well configured...

[marioolf]

I saw dcap testing tool (/release/dcap/teaclave_dcap_ref_as) actually accepts the POST connection.

POST /sgx/dev/attestation/v4/report application/json: 
   >> Matched: (verify_quote) POST /sgx/dev/attestation/v4/report application/json
   >> Outcome: Success 
   >> Response succeeded.

Is it my PCCS fault then?