Opening Cloud Shells fails with "Error: Error: unable to verify the first certificate" #394
Comments
|
Deleted an old comment.. For some reason it did work after a short while yesterday.. And it worked today but suddenly it just stopped working with the same error. It can't be related to new year then (just a coincidence that I got this then), but something else... |
|
I need to report the same issue, tried with several tenants, some are working, some not, no clue what is the root cause. |
|
Thanks for reporting @dozer75 and @1lomeno3. This is a strange issue that I have seen myself. Unfortunately we can't do much to mitigate it in the extension because it's a transient issue on the Azure backend side. Since we've seen multiple reports of this I'll escalate it to the Azure Cloud Shell team. Also, this tends to fix itself after refreshing VS Code or after just waiting for a bit. Please let us know if you run into any more issues. Closing as duplicate of #29. |
|
@dozer75 @1lomeno3 I work on the CloudShell team and can investigate this issue. Would you be able to send me your tenant ID via email jadsa@microsoft.com. Thanks. |
|
@dsajanice You should have an email with my tenant id now. |
|
@dsajanice for me it suddenly started to work, both PS and bash options... |
|
I use it quite often and 20% of the time is giving me the same error. |
|
Thank you for reporting @marco-svitol. Could you also please send me your tenant ID via email at jadsa@microsoft.com. Since this occurred more recently, the backend logs will be helpful. |
|
I am getting the same exact error. My environment: Visual Studio I am launching the Bash (Azure CLI) via Visual studio code. It was working most of the day.Requesting a Cloud Shell... |
|
|
Thank you for reporting and following up with tenant IDs. I believe we have identified the root cause. We will test the fix and keep this thread posted on rollout timelines. |
|
that's nice. thanks for your effort.
keeping an eye on this thread.
Il Mer 9 Feb 2022, 20:10 dsajanice ***@***.***> ha scritto:
… Thank you for reporting and following up with tenant IDs. I believe we
have identified the root cause. We will test the fix and keep this thread
posted on rollout timelines.
—
Reply to this email directly, view it on GitHub
<#394 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/APARWEDXUDXJPECH7JP33FLU2K3ZHANCNFSM5LCMWT7Q>
.
Triage notifications on the go with GitHub Mobile for iOS
<https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675>
or Android
<https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>.
You are receiving this because you were mentioned.Message ID:
***@***.***>
|
|
So have I got this right, as an engineer I am meant to wait several hours and try again until this eventually works? |
|
Once I reinstalled the Azure CLI extension the error of "unable to verify the first certificate" stopped showing up. I'm new in the business so I can't really point that as a solution. But I wanted to share here so maybe someone with more expertise could look into it. |
I am also getting the same error when try and open Cloud shells via vscode. |
|
got the same issues, reinstalled everything, strange... |
|
I'm seeing these errors too. I tried re-installing, but there was no change. I also tried other versions of the |
|
I am also stuck with this - it's been driving me mad. |
|
I keep getting this error too. I've traced it through the logs in VScode. for me the source error is related to MFA ""error":"interaction_required","error_description":"AADSTS50076: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access" however I'm unable to get VScode to prompt for the MFA request. I've uninstalled and reinstalled VS code. all authentication apps. And tried signing in via the authentication prompts with in VS code.
If anyone has any tips on how to get signed in with vscode and MFA it would be appreciated. I really can't disable MFA on my account just for this. |
|
Apologies folks for the delay in rolling out a fix. I acknowledge that this is not a good experience. We are running behind schedule on providing a robust fix. I will commit to providing an update on a fix or a workaround by the end of April. |
|
Just here to say I have the same issue, trying to evaluate remote cloud shell but unable to do so due to same error message. Apricate any help / work arounds in the mean time. |
|
Just found this, and glad I did. This has been driving me in circles for a week.... uninstall, reinstall, etc., etc. does nothing to fix the issue. Please let us know as soon as you have it working again. |
|
Got the exact same error. Please fix this and provide any suggestion to work around this. Thanks. |
|
Could someone please try the following and let me know if it resolves the issue. Could you please install all the associated intermediate certificates that are listed here: https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/certificate-authorities#associated-intermediate-cas The reason for this is we recently found an issue in the certificate chain that Cloud Shell was using to establish a TLS session with the client browser. We know that installing the intermediate certificate manually has worked as a mitigation for that issue. If this VS Code issue is resulting from the same root cause, then installing the intermediate certificate manually should work. This is only a workaround and not a final fix. Thank you for your patience. |
|
@dsajanice I installed these four certificates to the system keychain on my M1 Mac and got this error: UNABLE_TO_VERIFY_LEAF_SIGNATURE
|
|
Edited Reply. From the supplied link, I've downloaded the certs I thought I needed, exported as base64 and created a single file "certbundle.pem". Updated settings.json file to include this cert bundle using Now getting same as wwlorey - UNABLE_TO_VERIFY_LEAF_SIGNATURE. |
|
Cloud Shell rolled out a cert related update today. We believe it should address this problem. Please retry and confirm. Thanks! |
|
It's working for me. Thanks for the work on this, @dsajanice! |
|
It works for me as well. Thanks for that. |
|
Working for me now. Thank you.
Get Outlook for Android<https://aka.ms/AAb9ysg>
…________________________________
From: dsajanice ***@***.***>
Sent: Thursday, March 31, 2022 11:59:16 PM
To: microsoft/vscode-azure-account ***@***.***>
Cc: Jd33ks ***@***.***>; Comment ***@***.***>
Subject: Re: [microsoft/vscode-azure-account] Opening Cloud Shells fails with "Error: Error: unable to verify the first certificate" (Issue #394)
Cloud Shell rolled out a cert related update today. We believe it should address this problem. Please retry and confirm. Thanks!
—
Reply to this email directly, view it on GitHub<#394 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/APWWT2Z6J3KWSQVBGMCS5X3VCYU4JANCNFSM5LCMWT7Q>.
You are receiving this because you commented.Message ID: ***@***.***>
|
|
It works for me as well now too. Thank you ! |
|
First couple of tests for me are working. Thank you. |
|
Works for me as well, thank you! |
|
I also confirmed it is working for now; both Bash and PWSH; on MAC OSx |
|
Also working, thanks! |
Today, when I am trying to open a Cloud Shell (both PowerShell and Bash) I can't get it to work. This worked without any issues yesterday and it is working to day when doing it outside of Visual Studio Code (using Windows Terminal), so I suspect that it may be some issues with a new year, and some root certificates that has expired for this extension that does it?
Steps to reproduce:
Azure: Sign incommandAzure: Open <shell> in Cloud ShellExpected result:
A cloud shell is opened in the terminal list
Actual result:
The error below is displayed
Environment:
Operating system: Windows 11 Pro OS Build 22000.376
Visual Studio Code: 1.63.2 899d46d82c4c95423fb7e10e68eba52050e30ba3 x64
Azure Account: 0.9.11
The text was updated successfully, but these errors were encountered: