gramine icon indicating copy to clipboard operation
gramine copied to clipboard
verified publisher icon gramineproject

SSL/TLS handshake failed for ra-tls-mbedtls example

Open akumar2709 opened this issue 3 years ago • 1 comments

While trying to run the ra-tls-mbedtls example, I get the following message when I run ./client dcap(I have provided MRENCLAVE, MRSIGNER etc).

[ using default SGX-measurement verification callback (via RA_TLS_* environment variables) ]

. Seeding the random number generator... ok . Connecting to tcp/localhost/4433... ok . Setting up the SSL/TLS structure... ok . Loading the CA root certificate ... ok . Installing RA-TLS callback ... ok . Performing the SSL/TLS handshake... failed ! mbedtls_ssl_handshake returned -0x3000

Last error was: -12288 - X509 - A fatal error occurred, eg the chain is too long or the vrfy callback failed

akumar2709 avatar Jul 15 '22 21:07 akumar2709

Would you please kindly:

  1. provide the commit hash of Gramine that you're working on?
  2. verify your SGX PSW + DCAP SW stack is installed correctly (e.g., by following DACP install guide) and can work properly in your env?
  3. double check the other env factors (e.g if you're running w/ proxy) that may cause the handshake failure.

Thanks!

kailun-qin avatar Jul 18 '22 04:07 kailun-qin

Hi @akumar2709!

Would just like to follow up - has your issue been resolved? Thanks!

kailun-qin avatar Mar 09 '23 02:03 kailun-qin

Let me close this issue, since the author is inactive.

dimakuv avatar Mar 09 '23 13:03 dimakuv