Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Azure HttpTrigger Function deployment from VS Code - self signed certificate in certificate chain #799

Open
shivapower1985 opened this issue May 5, 2023 · 7 comments
Open

Azure HttpTrigger Function deployment from VS Code - self signed certificate in certificate chain #799

shivapower1985 opened this issue May 5, 2023 · 7 comments
Labels
upstream

Comments

@shivapower1985
Copy link

shivapower1985 commented May 5, 2023
edited

I am working on HttpTrigger Function. I created a function and when I deploy it in my Azure function I see the function is failing to deploy because of self signed certificate in certificate chain issue.

Error type: SELF_SIGNED_CERT_IN_CHAIN
Error Message: request to redacted:url failed, reason: self signed certificate in certificate chain

Version: 0.11.4
OS: win32
OS Release: 10.0.22000
Product: Visual Studio Code
Product Version: 1.78.0
Language: en
@janmolemans
Copy link

I have a similar issue, not specific to a function deployment, it seems to impact all azure extensions in vscode:
2023-05-05 11:57:30.311 [info] [Axios Response] 200 - POST https://login.microsoftonline.com/common/oauth2/token?api-version=1.0
2023-05-05 11:57:30.364 [info] [SubscriptionsClient Request] GET https://management.azure.com/tenants?api-version=2016-06-01
2023-05-05 11:57:30.475 [error] request to https://management.azure.com/tenants?api-version=2016-06-01 failed, reason: self signed certificate in certificate chain

@janmolemans
Copy link

Just guessing some more: I am working in a company that intercepts https traffic and then resigns it with its own certificate. Could it be that in some recent change/update of vscode or extensions this self signed certificate leads to this issue?

@alexweininger
Copy link
Member

Just to establish a baseline, has this worked normally in the past?

Does downgrading to an older version of the Azure Account extension fix the issue? If not, try downgrading VS Code to 1.77. The 1.78 April release just came out and could be causing this as well.

@alexweininger
Copy link
Member

Another user posted a workaround for the self signed certificate in certificate chain issue on Windows.

Install the win-ca extension, which makes Trusted Root Certificates on Windows available to VSCode extensions.

@janmolemans
Copy link

downgrading to 1.77.3 fixed it for me.

@alexweininger
Copy link
Member

Just to consolidate info on this issue in one comment:

A change released in the VS Code 1.78 April release breaks loading OS certificates on Windows. Meaning self-signed certificates and CA certificates picked up from a network proxy are currently broken. See microsoft/vscode#181404 for more details.

It looks like VS Code is planning to include a fix in the 1.78.2 release (April recovery 2).

Until that is released, you can downgrade to VS Code version 1.77. Also, other users have had success installing the win-ca extension, which makes Trusted Root Certificates on Windows available to VS Code extensions.

Another workaround if your CA certificate is provided by a network proxy is to configure the proxy related settings in VS Code.

@alexweininger
Copy link
Member

VS Code just released version 1.78.2 which should fix the certificates issue, could you please update VS Code and retry the operation?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
upstream
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@alexweininger @janmolemans @shivapower1985