diff --git a/packages/sgx-dcap/SGXDataCenterAttestationPrimitives-sgx_default_qcnl_conf.patch b/packages/sgx-dcap/SGXDataCenterAttestationPrimitives-sgx_default_qcnl_conf.patch
new file mode 100644
index 0000000..4d8f6c5
--- /dev/null
+++ b/packages/sgx-dcap/SGXDataCenterAttestationPrimitives-sgx_default_qcnl_conf.patch
@@ -0,0 +1,13 @@
+diff --git a/QuoteGeneration/qcnl/linux/sgx_default_qcnl.conf b/QuoteGeneration/qcnl/linux/sgx_default_qcnl.conf
+index a7c84c9..ac491b0 100644
+--- a/QuoteGeneration/qcnl/linux/sgx_default_qcnl.conf
++++ b/QuoteGeneration/qcnl/linux/sgx_default_qcnl.conf
+@@ -2,7 +2,7 @@
+ // *** ATTENTION : This file is in JSON format so the keys are case sensitive. Don't change them.
+
+ //PCCS server address
+- "pccs_url": "https://localhost:8081/sgx/certification/v4/"
++ "pccs_url": "https://api.trustedservices.intel.com/sgx/certification/v4/"
+
+ // To accept insecure HTTPS certificate, set this option to false
+ ,"use_secure_cert": true
diff --git a/packages/sgx-dcap/default.nix b/packages/sgx-dcap/default.nix
index f8259de..b55e70a 100644
--- a/packages/sgx-dcap/default.nix
+++ b/packages/sgx-dcap/default.nix
@@ -63,8 +63,12 @@ stdenv.mkDerivation rec {
 ];
 patches = [
+ # make tarballs reproducible
 ./SGXDataCenterAttestationPrimitives-tarball-repro.patch
+ # sigh... Intel!
 ./SGXDataCenterAttestationPrimitives-parallel-make.patch
+ # make config work without a dedicated PCCS server by default
+ ./SGXDataCenterAttestationPrimitives-sgx_default_qcnl_conf.patch
 ];
 postPatch = ''
@@ -153,7 +157,7 @@ stdenv.mkDerivation rec {
 # sgx-ra-service
 # tdx-qgs
 )
-
+
 for ((i = 0 ; i < ''${#dcap_map[@]} ; i+=2 )); do
 src="''${dcap_map[i]}"
 dst="''${dcap_map[i+1]}"
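Review bot: The new default `pccs_url` moves the collateral source from a loopback PCCS to Intel's public endpoint, so anything that resolves certificates or collateral through QCNL now needs outbound HTTPS to `api.trustedservices.intel.com`, and the patch file carries no description recording that. `use_secure_cert` stays `true` in the context lines, which is what a remote endpoint requires; a short header at the top of the patch such as `Default pccs_url to Intel's public service; keep use_secure_cert true; point pccs_url at a local PCCS where one is deployed` would keep a later edit from relaxing it. It is also worth confirming that the public endpoint answers every request QCNL makes on the platforms this package targets, since that cannot be seen from the patch.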
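Review bot: The comment `# sigh... Intel!` above the parallel-make patch does not tell a maintainer what the patch fixes or when it can be dropped; judging by the file name, something like `# fix upstream Makefiles so the build succeeds with parallel make` would. The other two added comments describe their patches and are fine as written. The `patches` list sits inside `stdenv.mkDerivation`, which starts and ends outside the hunk.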
@@ -162,19 +166,19 @@ stdenv.mkDerivation rec {
 mkdir -p "$dst"
- if [[ -d "$out/$src/opt/intel" ]]; then
- find "$out/$src/opt/intel"
+ if [[ -d "$out/$src/opt/intel" ]]; then
+ find "$out/$src/opt/intel"
 moveToOutput "$src/opt/intel" "$dst"
 mkdir "$dst/bin"
 mv "$dst/$src/opt/intel"/*/* "$dst/bin/"
 fi
-
- if [[ -d "$out/$src" ]]; then
+
+ if [[ -d "$out/$src" ]]; then
 find "$out/$src"
 moveToOutput "$src" "$dst"
 fi
- if [[ -d "$out/$src-dev" ]]; then
+ if [[ -d "$out/$src-dev" ]]; then
 find "$out/$src-dev"
 moveToOutput "$src-dev" "$dst"
 fi