Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

SSL Certificate Verification fails when logging into Azure Container Registry

I am new to Azure and am trying to get the command line working from my computer (mac OS). I installed the azure-cli via homebrew and when I execute az login, I get the following error:

Error occurred in request., SSLError: HTTPSConnectionPool(host='management.azure.com', port=443): Max retries exceeded with url: /tenants?api-version=2016-06-01 (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'ssl3_get_server_certificate', 'certificate verify failed')],)",),))
Traceback (most recent call last):
  File "/usr/local/Cellar/azure-cli/2.0.25/libexec/lib/python3.6/site-packages/urllib3/contrib/pyopenssl.py", line 441, in wrap_socket
    cnx.do_handshake()
  File "/usr/local/Cellar/azure-cli/2.0.25/libexec/lib/python3.6/site-packages/OpenSSL/SSL.py", line 1806, in do_handshake
    self._raise_ssl_error(self._ssl, result)
  File "/usr/local/Cellar/azure-cli/2.0.25/libexec/lib/python3.6/site-packages/OpenSSL/SSL.py", line 1546, in _raise_ssl_error
    _raise_current_error()
  File "/usr/local/Cellar/azure-cli/2.0.25/libexec/lib/python3.6/site-packages/OpenSSL/_util.py", line 54, in exception_from_error_queue
    raise exception_type(errors)
OpenSSL.SSL.Error: [('SSL routines', 'ssl3_get_server_certificate', 'certificate verify failed')]

I have tried the following:

export ADAL_PYTHON_SSL_NO_VERIFY=1
export AZURE_CLI_DISABLE_CONNECTION_VERIFICATION=1

as per this: https://github.com/Azure/azure-cli/issues/2267

and that lets me log in, but when I execute az acr login --name <registry name> I get a similar error again:

HTTPSConnectionPool(host='registryName.azurecr.io', port=443): Max retries exceeded with url: /v2/ (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'ssl3_get_server_certificate', 'certificate verify failed')],)",),))
Traceback (most recent call last):
  File "/usr/local/Cellar/azure-cli/2.0.25/libexec/lib/python3.6/site-packages/urllib3/contrib/pyopenssl.py", line 441, in wrap_socket
    cnx.do_handshake()
  File "/usr/local/Cellar/azure-cli/2.0.25/libexec/lib/python3.6/site-packages/OpenSSL/SSL.py", line 1806, in do_handshake
    self._raise_ssl_error(self._ssl, result)
  File "/usr/local/Cellar/azure-cli/2.0.25/libexec/lib/python3.6/site-packages/OpenSSL/SSL.py", line 1546, in _raise_ssl_error
    _raise_current_error()
  File "/usr/local/Cellar/azure-cli/2.0.25/libexec/lib/python3.6/site-packages/OpenSSL/_util.py", line 54, in exception_from_error_queue
    raise exception_type(errors)
OpenSSL.SSL.Error: [('SSL routines', 'ssl3_get_server_certificate', 'certificate verify failed')]

Is there anything I can do to solve this? Thanks in advance.

like image 542
user2689570 Avatar asked Jan 26 '18 21:01

user2689570


Video Answer


1 Answers

Trying setting REQUESTS_CA_BUNDLE as mentioned in the doc here: https://github.com/Azure/azure-cli/blob/dev/doc/use_cli_effectively.md#working-behind-a-proxy

like image 84
Maurya M Avatar answered Oct 13 '22 01:10

Maurya M