Secret Provisioning failed during mbedtls_ssl_handshake with error -30592 #1609
Unanswered
ROF13ThFloor asked this question in Q&A
@ROF13ThFloor Please check https://github.com/search?q=repo%3Agramineproject%2Fgramine+30592&type=issues. We had similar issues, so you may find the answer there.
-
Hi, I'm trying to make a secret provision for a Node.js application. During the secret provisioning, I got this error:
```
secret_provision_start: Secret Provisioning failed during mbedtls_ssl_handshake with error -30592
secret_provision_constructor: Secret provisioning failed, terminating the whole process
```
Below you can see the full log of the SGX client, which is the Azure server, and it's running the application using gramine-sgx:
logs.txt
I'm running the secret-prov-server outside of Azure on a local server, and this is the way that I'm producing the certificates:
```sh
openssl genrsa -out ssl/ca.key 2048
openssl req -x509 -new -nodes -key ssl/ca.key -sha256 -days 1024 -out ssl/ca.crt -config ca_config.conf
openssl genrsa -out ssl/server.key 2048
openssl req -new -key ssl/server.key -out ssl/server.csr -config ca_config.conf
openssl x509 -req -days 360 -in ssl/server.csr -CA ssl/ca.crt -CAkey ssl/ca.key -CAcreateserial -out ssl/server.crt
```
**This is the manifest file**
```toml
loader.preload = "file:{{ gramine.libos }}" # for compatibility with v1.0
loader.entrypoint = "file:{{ gramine.libos }}"
loader.log_level = "all"
loader.log_file = "gramine.log"
loader.insecure__use_cmdline_argv = true
loader.insecure__use_host_env = true
sys.insecure__allow_eventfd = true
libos.entrypoint = "{{ nodejs_dir }}/node"
sgx.remote_attestation = "dcap"
sgx.debug = true
loader.env.LD_LIBRARY_PATH = "/lib:{{ arch_libdir }}:/usr{{ arch_libdir }}:./"
loader.env.LD_PRELOAD = "libsecret_prov_attest.so"
loader.env.SECRET_PROVISION_CONSTRUCTOR = "1"
loader.env.SECRET_PROVISION_SET_KEY = "default"
loader.env.SECRET_PROVISION_CA_CHAIN_PATH = "ssl/ca.crt"
loader.env.SECRET_PROVISION_SERVERS = "remotehost:4433"
fs.mounts = [
  { type = "chroot", path = "{{ nodejs_dir }}/node", uri = "file:{{ nodejs_dir }}/node"},
  { type = "chroot", path = "/lib", uri = "file:{{ gramine.runtimedir() }}"},
  { type = "chroot", path = "{{ arch_libdir }}", uri = "file:{{ arch_libdir }}"},
  { type = "chroot", path = "/usr/{{ arch_libdir }}", uri = "file:/usr/{{ arch_libdir }}"},
  { type = "chroot", path = "/etc", uri = "file:/etc" },
  { type = "chroot", path = "/proc", uri = "file:/proc" },
  { type = "encrypted", path = "/user-dir", uri = "file:user-dir"}
]
sgx.nonpie_binary = true
sgx.enclave_size = "2G"
sgx.max_threads = 32
sgx.trusted_files = [
  "file:{{ gramine.libos }}",
  "file:{{ nodejs_dir }}/node",
  "file:{{ gramine.runtimedir() }}/",
  "file:{{ arch_libdir }}/",
  "file:/usr/{{ arch_libdir }}/",
  "file:libsecret_prov_attest.so",
  "file:ssl/ca.crt",
  "file:main.js",
  "file:/usr/lib/ssl/certs/",
]
sgx.allowed_files = [
  "file:/etc/",
  "file:/proc/"
]
```
It would be great if anyone could help me regarding this issue because I couldn't find anything in the logs.
Thanks a lot.
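Mbed TLS returns errors as negative integers whose hexadecimal form maps to a named constant in its headers, so the value in the log line above can be decoded directly. The following is an added example, not part of the original post or of Gramine: it parses such a log line and splits the code into its high-level and low-level parts, using a small subset of Mbed TLS constants; the helper names `decode` and `explain` are hypothetical.

```python
import re

# Subset of Mbed TLS error constants (absolute values), taken from
# mbedtls/ssl.h, mbedtls/x509.h and mbedtls/net_sockets.h.
HIGH_LEVEL = {
    0x7780: "MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE",
    0x7280: "MBEDTLS_ERR_SSL_CONN_EOF",
    0x2700: "MBEDTLS_ERR_X509_CERT_VERIFY_FAILED",
}
LOW_LEVEL = {
    0x0044: "MBEDTLS_ERR_NET_CONNECT_FAILED",
    0x0052: "MBEDTLS_ERR_NET_UNKNOWN_HOST",
}

# Matches the "failed during <call> with error <code>" wording in the log above.
LOG_RE = re.compile(r"failed during (\w+) with error (-?\d+)")


def decode(ret):
    """Split an Mbed TLS return code into high-level and low-level parts."""
    if ret >= 0:  # zero or positive values are not error codes
        return {"hex": hex(ret), "high": None, "low": None}
    val = -ret
    # Same masks mbedtls_strerror() uses: bits 7-15 high-level, bits 0-6 low-level.
    high, low = val & 0xFF80, val & 0x007F
    return {
        "hex": "-0x%04X" % val,
        "high": HIGH_LEVEL.get(high, "unknown 0x%04X" % high) if high else None,
        "low": LOW_LEVEL.get(low, "unknown 0x%04X" % low) if low else None,
    }


def explain(line):
    """Extract the failing call and decoded error from one log line, or None."""
    m = LOG_RE.search(line)
    if not m:
        return None
    info = decode(int(m.group(2)))
    info["call"] = m.group(1)
    return info


if __name__ == "__main__":
    # First line is the one quoted in the post; the second is constructed.
    for line in (
        "secret_provision_start: Secret Provisioning failed during mbedtls_ssl_handshake with error -30592",
        "secret_provision_start: Secret Provisioning failed during mbedtls_ssl_handshake with error -9984",
    ):
        print(explain(line))
```

For the line in the post this yields `-0x7780`, `MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE`: the peer of the enclave client, here the secret provisioning server, sent a fatal TLS alert during the handshake, so the reason for the rejection would be recorded on the server side rather than in the client log.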