Skip to content
Browse files

[keys] Cleanup keys/certs and update (#191)

  • Loading branch information
mssun committed Dec 24, 2019
1 parent ead453f commit 9138c5d8f1af8ebc8fb7f39bf0cdaa88a6321373
Showing with 9 additions and 71 deletions.
  1. +9 −24 keys/
  2. +0 −26 keys/auditors/
  3. +0 −13 keys/sp_root_ca_cert.pem
  4. +0 −8 keys/sp_root_ca_key.pem
@@ -1,26 +1,11 @@
# Testing Keys/Certificates
# Keys and Certificates in Teaclave

This directory contains keys/certificates that are used in the prototype. Note
that these are only testing keys. Do not use them in production.
This directory contains keys and certificates used in the Teaclave platform.
Note that these are only for demonstration. *DO NOT use them in production.*

* AttestationReportSigningCACert.pem:
- Intel Attestation Service (IAS) certificate obtained from
* ca.crt:
- clients are authenticated during mutual TLS communications, so we need to
(offline) issue certificates to them. This is the CA certificate for
testing purpose.
* client.crt:
- client's certificate used in mutual TLS authentication (issued by
* client.pkcs8:
- client's private key used in mutual TLS authentication (matching
* mr_signer:
- SHA256 digest of the big endian format modulus of the RSA public key of
the enclave’s signing key. The value we put here matches our [testing
signing key](../build/Enclave_private.pem).

After the registration with IAS, you will be issued a service provider ID
(SPID) via email. You need to provide an spid.txt file containing your SPID
string such as ``ABCDEFGHIJKLMNOPQRSTUVWXYZ012345`` in this directory.
- `enclave_signing_key.pem`: private key to sign SGX enclaves
- `ias_root_ca_cert.pem`: attestation report root CA certificate for Intel SGX
Attestation Service, obtained from the
[service website](
- `auditors`: contains auditors' keys to sign the *enclave info* for mutual

This file was deleted.

This file was deleted.

This file was deleted.

0 comments on commit 9138c5d

Please sign in to comment.
You can’t perform that action at this time.