This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 81%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EYH%3C/text%3E%3C/svg%3E)
I setuped a VM by using confidential computing resource DC2sv3 and install Ubuntu20.04LTS Gen2 on it. I also installed Azure DCAP Client on it. According to link below. DCsv3 can only access the Intel attestation certificate via THIM.
https://learn.microsoft.com/en-us/azure/confidential-computing/quick-create-portal
In order to test if the VM can do remote attestation, I install Openenclave following the instruction below.
https://github.com/openenclave/openenclave/tree/master/samples/attestation
I can run local attestaion without error. But I got the error message when I can runsgxremote. Please advise what is wrong with it. Thanks...
Yang Hong
/opt/openenclave/share/openenclave/samples/attestation$ make runsgxremote
host/attestation_host sgxremote ./enclave_a/enclave_a.signed ./enclave_b/enclave_b.signed
Host: Creating two enclaves
Host: Enclave library ./enclave_a/enclave_a.signed
Enclave1: *../common/crypto.cpp(80): mbedtls initialized.
Host: Enclave successfully created.
Host: Enclave library ./enclave_b/enclave_b.signed
Enclave2: *../common/crypto.cpp(80): mbedtls initialized.
Host: Enclave successfully created.
Host: environment variable SGX_AESM_ADDR is set
Host: ********** Attest enclave_a to enclave_b **********
Host: Requesting enclave_b format settings
Enclave2: ***../common/dispatcher.cpp(80): get_enclave_format_settings
Host: Requesting enclave_a to generate a targeted evidence with an encryption key
Enclave1: **../common/dispatcher.cpp(139): get_evidence_with_public_key
Enclave1: **../common/attestation.cpp(94): oe_serialize_custom_claims
Enclave1: **../common/attestation.cpp(105): serialized custom claims buffer size: 121
Enclave1: **../common/attestation.cpp(121): oe_get_evidence failed.(OE_NOT_FOUND)
Enclave1: **../common/dispatcher.cpp(159): get_evidence_with_public_key failed
Host: get_evidence_with_public_key failed. OE_OK
Host: attestation failed with 1
Host: Terminating enclaves
Enclave1: ../common/crypto.cpp(94): mbedtls cleaned up.
Host: Enclave successfully terminated.
Enclave2: *../common/crypto.cpp(94): mbedtls cleaned up.
Host: Enclave successfully terminated.
Host: failed
make: *** [Makefile:27: runsgxremote] Error 1
Welcome to Microsoft Q&A Platform, thanks for posting your query here.
What is there use case for wanting to use DCsv3?
Can you share your use case details for assisting you better.
We would like to setup confidential computing platform with Intel SGX attestation. This platform is supposed to used in healthcare area for AI training.
I see you have reported this issue on GitHub #4404. As the product team is actively engaged on GitHub for this issue, I am posting that link here for benefit of community.
https://github.com/openenclave/openenclave/issues/4404
Once the issue is resolved you can post the resolution for benefit of community.
Hope that helps.