Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SSL issue when setting AWS_CA_BUNDLE environment variable for AWS CLI commands #1340

Open
BorisBureau opened this issue Aug 29, 2024 · 0 comments
Open

SSL issue when setting AWS_CA_BUNDLE environment variable for AWS CLI commands #1340

BorisBureau opened this issue Aug 29, 2024 · 0 comments

Comments

@BorisBureau
Copy link

Hello,

We were facing an error when trying to use AWS CLI commands on AWS accounts that are in the China region;

SSL validation failed for https://ssm.cn-north-1.amazon.com.cn/ [SSL:CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1002)

So, we configured the AWS_CA_BUNDLE environment variable (on Windows) with the path of the proxy certificate responsible for SSL interception in our company. And it solved the problem, but created another problem. In fact, when we try to connect through saml2aws to AWS accounts that are not in the China region. Below is the error we get :

Error logging into AWS role using SAML assertion.: Error retrieving STS credentials using SAML.: RequestError: send request failed
caused by: Post "https://sts.amazonaws.com/":x509: certificate signed by unknown authority

Is there a solution to that problem please?

Thank you in advance.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@BorisBureau