I am trying to install an azure DevOps extension in PowerShell using the command:
az extension add --name azure-devops
. But, getting certification error.
I tried to generate a selfsigned cert and tried to ping the url mentioned in error, was able to ping the url but error remain still there. The error is as below:
Please ensure you have network connection. Error detail:
HTTPSConnectionPool(host='objects.githubusercontent.com', port=443): Max retries exceeded with url: /github-production-release-asset-2e65be/107708057/8c8c37f1-25aa-4394-9b37-ab8655c6d437?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20230210%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20230210T092547Z&X-Amz-Expires=300&X-Amz-Signature=e65868999583f165ce08abf46e4e192fccffcd611847d2da76c25473f27927a4&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=107708057&response-content-disposition=attachment%3B%20filename%3Dazure_devops-0.26.0-py2.py3-none-any.whl&response-content-type=application%2Foctet-stream (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:997)')))
I tried generating the selfsign certificate. Tried to install on current userscope.Also, tried to ping the url mentioned in error and it was giving reply back
Related
We are using self-hosted runners (Windows) for GitHub actions. Recently, our company changed the proxy. We have updated the System Environment Variables to the new proxy, and we have updated the proxy details in .env file as suggested by GitHub documentation. And we have added the Root CA in the Windows Certificate Manager (Certificates - Local Computer -> Trusted Root Certification Authorities -> Certificates). But when uploading the artifact during workflow run, we got the below error message and workflow is failing.
Create Artifact Container - Attempt 1 of 5 failed with error: unable to get local issuer certificate
Error: Create Artifact Container failed: unable to get local issuer certificate
##[debug]Node Action run completed with exit code 1
How can we resolve this error? Is there anything that should be changed in runner configuration?
I am creating New Kubernetes service connection in Azure DevOps Server 2020 Update 1 via KubeConfig.
When I click to Verify that the connection it says that Verification Failed with the generic error:
Failed to query service connection API: 'https://ekm.mpu.cz/k8s/clusters/c-qmcrb/api/v1/nodes'. Error Message: 'An error occurred while sending the request.'
Please note that the Kubernetess instance is in the other domain.
I have the notion that the error could be with the certs are not imported somewhere on the machine, where the Azure DevOps is hosted, but I am unsure where. The MS documentation is silent about that as well.
So far I've tried to:
Import CA certs to the MMC under trusted publishers.
Import CA certs under cacerts in JAVA-HOME via keytool.
Import CA certs into azureTrustsStore.jks in JAVA-HOME via keytool.
For all 3 I've checked that the CA certs are imported correctly. But to no avail. Could you please advice or redirect me to the method, how to do it?
Additional Info:
While I cannot Verify and Save the connection, I still can Save it and then use it in the pipeline and it works OK! (sucesfully connect and execute the command).
Connection issues can occur for many reasons, but the root cause is often related to an error with one of these items: Network, Authentication, Authorization. You may refer to Basic troubleshooting of cluster connection issues for detailed troubleshooting steps.
When I try to run TerraformInstaller to install terraform in azure pipelines, I get the following error message.
##[error]Error: Failed to download Terraform from url https://releases.hashicorp.com/terraform/1.2.4/terraform_1.2.4_linux_amd64.zip. Error Error: self signed certificate in certificate chain
When I browse the link in server where self-hosted agent is installed, I am able to get to the link fine and download the zip file but only getting this error when I am running the pipeline in Azure DevOps. Firewall port 443 is obviously open and I think this error has to do with cert not being placed in the correct location? Do I need to configure self-hosted agent with cert?
pkg set-publisher: The origin URIs for 'solarisstudio' do not appear to point to a valid pkg repository.
Please verify the repository's location and the client's network configuration.
Additional details:
Unable to contact valid package repository: https://pkg.oracle.com/solarisstudio/release
Encountered the following error(s):
Transport errors encountered when trying to contact repository.
Reported the following errors:
Framework error: code: 60 reason: SSL certificate problem: unable to get local issuer certificate
URL: 'https://pkg.oracle.com/solarisstudio/release'
1.Make sure that ca-certificates service is running on solaris
svcs -xv
if not try starting using the below commands
svcadm disable svc:/system/ca-certificates:default
svcadm enable svc:/system/ca-certificates:default
Make sure that the below permission is set for all the certificates
If the above solution doesnot work
2. Take backup of all the certificates under /etc/certs/CA. Check for the corrupted certificates, by moving the certificates one by one to /etc/certs/CA in the location and starting ca-certificate service. The point when the service doesn't start is the certificate which is corrupted.
Make sure that the certificates in the location have below permissions
sudo chown root:sys /etc/certs/CA/*.pem
I am trying to publish a Service Fabric service to my local cluster, but it never goes out of this state:
There was an error during activation.Failed to configure certificate
permissions. Error: FABRIC_E_CERTIFICATE_NOT_FOUND
Do you know what is this error related to?
How can I fix it?
As the error says, SF is unable to find the required cert in Cert store. You can find the missing cert info from the event error logs in Event Viewer-
%SystemRoot%\System32\Winevt\Logs\Microsoft-ServiceFabric%4Admin.evtx
Check using Certificate Manager if this cert is present and not expired. You can use this script also.
More info regarding the required certs can be found in this file. -
C:\SfDevCluster\Data\_App\_Node_0\{AppNameFromSf}\App.1.0.xml