{
    // *** ATTENTION : This file is in JSON format so the keys are case sensitive. Dont change them.
  
    //PCCS server address
    "pccs_url": "https://global.acccache.azure.net/sgx/certification/v4/"
  
    // To accept insecure HTTPS certificate, set this option to false
    ,"use_secure_cert": false
  
    // You can use the Intel PCS or another PCCS to get quote verification collateral.  Retrieval of PCK
    // Certificates will always use the PCCS described in pccs_url.  When collateral_service is not defined, both
    // PCK Certs and verification collateral will be retrieved using pccs_url
    //,"collateral_service": "https://api.trustedservices.intel.com/sgx/certification/v4/"
    ,"collateral_service": "https://global.acccache.azure.net/sgx/certification/v4/"
  
    // Type of update to TCB Info. Possible value: early, standard. Default is standard.
    // early indicates an early access to updated TCB Info provided as part of a TCB recovery event
    // (commonly the day of public disclosure of the items in scope)
    // standard indicates standard access to updated TCB Info provided as part of a TCB recovery event
    // (commonly approximately 6 weeks after public disclosure of the items in scope)
    //, "tcb_update_type" : "standard"
  
    // If you use a PCCS service to get the quote verification collateral, you can specify which PCCS API version is to be used.
    // The legacy 3.0 API will return CRLs in HEX encoded DER format and the sgx_ql_qve_collateral_t.version will be set to 3.0, while
    // the new 3.1 API will return raw DER format and the sgx_ql_qve_collateral_t.version will be set to 3.1. The pccs_api_version
    // setting is ignored if collateral_service is set to the Intel PCS. In this case, the pccs_api_version is forced to be 3.1
    // internally.  Currently, only values of 3.0 and 3.1 are valid.  Note, if you set this to 3.1, the PCCS use to retrieve
    // verification collateral must support the new 3.1 APIs.
    //,"pccs_api_version": "3.1"
  
    // Maximum retry times for QCNL. If RETRY is not defined or set to 0, no retry will be performed.
    // It will first wait one second and then for all forthcoming retries it will double the waiting time.
    // By using retry_delay you disable this exponential backoff algorithm
    ,"retry_times": 6
  
    // Sleep this amount of seconds before each retry when a transfer has failed with a transient error
    ,"retry_delay": 10
  
    // If local_pck_url is defined, the QCNL will try to retrieve PCK cert chain from local_pck_url first,
    // and failover to pccs_url as in legacy mode.
    //,"local_pck_url": "http://localhost:8081/sgx/certification/v4/"
  
    // If local_pck_url is not defined, set pck_cache_expire_hours to a none-zero value will enable local cache.
    // The PCK certificates will be cached in memory and then to the disk drive.
    // The local cache files will be sequentially searched in the following directories until located in one of them:
    // Linux : $AZDCAP_CACHE, $XDG_CACHE_HOME, $HOME, $TMPDIR, /tmp/
    // Windows : $AZDCAP_CACHE, $LOCALAPPDATA\..\..\LocalLow
    // Please be aware that the environment variable pertains to the account executing the process that loads QPL,
    // not the account used to log in. For instance, if QPL is loaded by QGS, then those environment variables relate to
    // the "qgsd" account, which is the account that runs the QGS daemon.
    // You can remove the local cache files either manually or by using the QPL API, sgx_qpl_clear_cache. If you opt to
    // delete them manually, navigate to the aforementioned caching directories, find the folder named .dcap-qcnl, and delete it.
    // Restart the service after all cache folders were deleted. The same method applies to "verify_collateral_cache_expire_hours"
    ,"pck_cache_expire_hours": 168
  
    // To set cache expire time for quote verification collateral in hours
    // See the above comment for pck_cache_expire_hours for more information on the local cache.
    ,"verify_collateral_cache_expire_hours": 168
  
    // When the "local_cache_only" parameter is set to true, the QPL/QCNL will exclusively use PCK certificates
    // from local cache files and will not request any PCK certificates from service providers, whether local or remote.
    // To ensure that the PCK cache is available for use, an administrator must pre-populate the cache folders with
    // the appropriate cache files. To generate these cache files for specific platforms, the administrator can use
    // the PCCS admin tool. Once the cache files are generated, the administrator must distribute them to each platform
    // that requires provisioning.
    ,"local_cache_only": false
  
    // You can add custom request headers and parameters to the get certificate API.
    // But the default PCCS implementation just ignores them.
    //,"custom_request_options" : {
    //  "get_cert" : {
    //    "headers": {
    //      "head1": "value1"
    //    },
    //    "params": {
    //      "param1": "value1",
    //      "param2": "value2"
    //    }
    //  }
    //}
  }