I setuped a VM by using confidential computing resource DC2sv3 and install Ubuntu20.04LTS Gen2 on it. I also installed Azure DCAP Client on it. According to link below. DCsv3 can only access the Intel attestation certificate via THIM.
https://learn.microsoft.com/en-us/azure/confidential-computing/quick-create-portal
In order to test if the VM can do remote attestation, I install Openenclave following the instruction below.
https://github.com/openenclave/openenclave/tree/master/samples/attestation
I can run local attestaion without error. But I got the error message when I can runsgxremote. Please advise what is wrong with it. Thanks...
Yang Hong
/opt/openenclave/share/openenclave/samples/attestation$ make runsgxremote
host/attestation_host sgxremote ./enclave_a/enclave_a.signed ./enclave_b/enclave_b.signed
Host: Creating two enclaves
Host: Enclave library ./enclave_a/enclave_a.signed
Enclave1: *../common/crypto.cpp(80): mbedtls initialized.
Host: Enclave successfully created.
Host: Enclave library ./enclave_b/enclave_b.signed
Enclave2: *../common/crypto.cpp(80): mbedtls initialized.
Host: Enclave successfully created.
Host: environment variable SGX_AESM_ADDR is set
Host: ********** Attest enclave_a to enclave_b **********
Host: Requesting enclave_b format settings
Enclave2: ***../common/dispatcher.cpp(80): get_enclave_format_settings
Host: Requesting enclave_a to generate a targeted evidence with an encryption key
Enclave1: **../common/dispatcher.cpp(139): get_evidence_with_public_key
Enclave1: **../common/attestation.cpp(94): oe_serialize_custom_claims
Enclave1: **../common/attestation.cpp(105): serialized custom claims buffer size: 121
Enclave1: **../common/attestation.cpp(121): oe_get_evidence failed.(OE_NOT_FOUND)
Enclave1: **../common/dispatcher.cpp(159): get_evidence_with_public_key failed
Host: get_evidence_with_public_key failed. OE_OK
Host: attestation failed with 1
Host: Terminating enclaves
Enclave1: ../common/crypto.cpp(94): mbedtls cleaned up.
Host: Enclave successfully terminated.
Enclave2: *../common/crypto.cpp(94): mbedtls cleaned up.
Host: Enclave successfully terminated.
Host: failed
make: *** [Makefile:27: runsgxremote] Error 1