quartus_sign fails to generate signed ccert - quartus_sign fails to generate signed ccert Following Intel Agilex ® 7 Device Security User Guide for AES Root Key Provisioning, the quartus_sign command fails with Error (20354) but this is no help. Executing the following two commands fails on the second command - all the necessary input files have been generated successfully: ## Create an unsigned AES compact certificate for the desired AES root key storage location: quartus_pfg --ccert -o ccert_type=EFUSE_WRAPPED_AES_KEY -o password=passphrase.txt -o qek_file=aes_root.qek unsigned_efuse1.ccert ## Sign the compact certificate with the quartus_sign command or reference implementation: quartus_sign --family=agilex7 --operation=sign --pem=aesccert1_private.pem --qky=aesccert1_sign_chain.qky unsigned_efuse1.ccert signed_efuse1.ccert Replies: Re: quartus_sign fails to generate signed ccert KDB(Knowledge Database) has been established to share the solution to more users. I am transferring this case to community back to open access for community support. Replies: Re: quartus_sign fails to generate signed ccert Hi @Farabi , I was able to get help from Intel via our FAE. Basically the answer was the permission settings (should have been 0x40) which are part of the " Security Methodology for Intel FPGAs and Structured ASICs User Guide". However, this document is restricted. But for others reading this post, the correct settings were actually part of the " Intel Agilex ® 7 Device Security User Guide", Page 33. I will close this case. Thank you. Replies: Re: quartus_sign fails to generate signed ccert Hello @Farabi , I have not heard from you and we still have this problem. We are going to be shipping our product in about a month and need a resolution. I look forward to hearing from you. Replies: Re: quartus_sign fails to generate signed ccert By the way, there is a case number for this that has been opened by our FAE: 00885849 Replies: Re: quartus_sign fails to generate signed ccert I'm looking forward to your response. We are quite stalled on this. Thanks! Replies: Re: quartus_sign fails to generate signed ccert Hello, Sorry for late reply. I am still checking with our internal team to get the details of this error. I will get back to you asap when I have the information. regards, Farabi - 2024-06-12