[examples/skr/aks] Error while unwrapping secret: failed to verify certificate: x509: certificate signed by unknown authority

microsoft / confidential-sidecar-containers

This is a collection of sidecar containers that can be incorporated within confidential container groups on Azure Container Instances.

Other

24 stars 16 forks source link

[examples/skr/aks] Error while unwrapping secret: failed to verify certificate: x509: certificate signed by unknown authority #120

Open arc9693 opened 1 month ago

arc9693 commented 1 month ago

Hello, I am getting the following error message in my example-unwrap image. I have followed the instructions as it is.

Code: Unknown Message: SKR failed: attestation failed: Retrieving MAA token from MAA endpoint failed: maa post request failed: HTTP GET failed: Post "https://sharedeus.eus.attest.azure.net/attest/SevSnpVM?api-version=2020-10-01": tls: failed to verify certificate: x509: certificate signed by unknown authority

Please help.

stevendongatmsft commented 1 month ago

Initial investigation reveals that the error is caused by using pre-release image that does not have prod cert signed UVM reference. It was recommended to use official image to do PoC.