az account get-access-token is failing with certificate verification error which is part of terraform init command whereas same az command works fine when running individually
Command Nameaz account get-access-token
Errors:
HTTPSConnectionPool(host='login.microsoftonline.com', port=443): Max retries exceeded with url: /<tenant_id>/oauth2/token (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),))
Traceback (most recent call last):
urllib3\urllib3\contrib\pyopenssl.py, ln 456, in wrap_socket
pip-install-363drsgw\pyOpenSSL\OpenSSL\SSL.py, ln 1915, in do_handshake
...
To Reproduce:
terraform init
Complete error:
terraform init
Initializing the backend...
╷
│ Error: obtaining Authorization Token from the Azure CLI: parsing json result from the Azure CLI: waiting for the Azure CLI: exit status 1: The command failed with an unexpected error. Here is the traceback:
│
│ HTTPSConnectionPool(host='login.microsoftonline.com', port=443): Max retries exceeded with url: /7a9376d4-7c43-480f-82ba-a090647f651d/oauth2/token (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),))
│ Traceback (most recent call last):
│ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-aq7acbhx\urllib3\urllib3\contrib\pyopenssl.py", line 456, in wrap_socket
│ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\pyOpenSSL\OpenSSL\SSL.py", line 1915, in do_handshake
│ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\pyOpenSSL\OpenSSL\SSL.py", line 1647, in _raise_ssl_error
│ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\pyOpenSSL\OpenSSL_util.py", line 54, in exception_from_error_queue
│ OpenSSL.SSL.Error: [('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')]
│
│ During handling of the above exception, another exception occurred:
│
│ Traceback (most recent call last):
│ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-aq7acbhx\urllib3\urllib3\connectionpool.py", line 600, in urlopen
│ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-aq7acbhx\urllib3\urllib3\connectionpool.py", line 343, in _make_request
│ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-aq7acbhx\urllib3\urllib3\connectionpool.py", line 839, in _validateconn
│ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-aq7acbhx\urllib3\urllib3\connection.py", line 344, in connect
│ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-aq7acbhx\urllib3\urllib3\util\ssl.py", line 347, in ssl_wrap_socket
│ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-aq7acbhx\urllib3\urllib3\contrib\pyopenssl.py", line 462, in wrap_socket
│ ssl.SSLError: ("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",)
│
│ During handling of the above exception, another exception occurred:
│
│ Traceback (most recent call last):
│ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\requests\requests\adapters.py", line 449, in send
│ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-aq7acbhx\urllib3\urllib3\connectionpool.py", line 638, in urlopen
│ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-aq7acbhx\urllib3\urllib3\util\retry.py", line 399, in increment
│ urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='login.microsoftonline.com', port=443): Max retries exceeded with url: /7a9376d4-7c43-480f-82ba-a090647f651d/oauth2/token (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),))
│
│ During handling of the above exception, another exception occurred:
│
│ Traceback (most recent call last):
│ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\knack\knack\cli.py", line 215, in invoke
│ File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure\cli\core\commands__init.py", line 654, in execute
│ File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure\cli\core\commands__init.py", line 718, in _run_jobs_serially
│ File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure\cli\core\commands__init__.py", line 711, in _run_job
│ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\six\six.py", line 703, in reraise
│ File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure\cli\core\commands__init__.py", line 688, in _run_job
│ File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure\cli\core\commands\init.py", line 325, in call__
│ File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure\cli\core\init__.py", line 545, in default_command_handler
│ File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure\cli\command_modules\profile\custom.py", line 75, in get_access_token
│ File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure\cli\core_profile.py", line 650, in get_raw_token
│ File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure\cli\core_profile.py", line 1014, in retrieve_token_for_user
│ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\adal\adal\authentication_context.py", line 145, in acquire_token
│ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\adal\adal\authentication_context.py", line 128, in _acquire_token
│ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\adal\adal\authentication_context.py", line 143, in token_func
│ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\adal\adal\token_request.py", line 347, in get_token_from_cache_with_refresh
│ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\adal\adal\token_request.py", line 127, in _find_token_from_cache
│ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\adal\adal\cache_driver.py", line 199, in find
│ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\adal\adal\cache_driver.py", line 184, in _refresh_entry_if_necessary
│ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\adal\adal\cache_driver.py", line 160, in _acquire_new_token_from_mrrt
│ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\adal\adal\token_request.py", line 137, in _get_token_with_token_response
│ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\adal\adal\token_request.py", line 339, in _get_token_with_refresh_token
│ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\adal\adal\token_request.py", line 112, in _oauth_get_token
│ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\adal\adal\oauth2_client.py", line 268, in get_token
│ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\requests\requests\api.py", line 116, in post
│ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\requests\requests\api.py", line 60, in request
│ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\requests\requests\sessions.py", line 533, in request
│ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\requests\requests\sessions.py", line 646, in send
│ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\requests\requests\adapters.py", line 514, in send
│ requests.exceptions.SSLError: HTTPSConnectionPool(host='login.microsoftonline.com', port=443): Max retries exceeded with url: /7a9376d4-7c43-480f-82ba-a090647f651d/oauth2/token (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),))
│
│ To open an issue, please run: 'az feedback'
Expected Behavior
terraform init should initialize terraform state on my local machine and to access it az command should generate token
az account get-access-token is failing with certificate verification error which is part of terraform init command whereas same az command works fine when running individually
Command Name
az account get-access-token
Errors:
To Reproduce:
terraform init
Complete error:
Initializing the backend... ╷ │ Error: obtaining Authorization Token from the Azure CLI: parsing json result from the Azure CLI: waiting for the Azure CLI: exit status 1: The command failed with an unexpected error. Here is the traceback: │ │ HTTPSConnectionPool(host='login.microsoftonline.com', port=443): Max retries exceeded with url: /7a9376d4-7c43-480f-82ba-a090647f651d/oauth2/token (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),)) │ Traceback (most recent call last): │ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-aq7acbhx\urllib3\urllib3\contrib\pyopenssl.py", line 456, in wrap_socket │ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\pyOpenSSL\OpenSSL\SSL.py", line 1915, in do_handshake │ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\pyOpenSSL\OpenSSL\SSL.py", line 1647, in _raise_ssl_error │ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\pyOpenSSL\OpenSSL_util.py", line 54, in exception_from_error_queue │ OpenSSL.SSL.Error: [('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')] │ │ During handling of the above exception, another exception occurred: │ │ Traceback (most recent call last): │ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-aq7acbhx\urllib3\urllib3\connectionpool.py", line 600, in urlopen │ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-aq7acbhx\urllib3\urllib3\connectionpool.py", line 343, in _make_request │ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-aq7acbhx\urllib3\urllib3\connectionpool.py", line 839, in _validateconn │ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-aq7acbhx\urllib3\urllib3\connection.py", line 344, in connect │ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-aq7acbhx\urllib3\urllib3\util\ssl.py", line 347, in ssl_wrap_socket │ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-aq7acbhx\urllib3\urllib3\contrib\pyopenssl.py", line 462, in wrap_socket │ ssl.SSLError: ("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",) │ │ During handling of the above exception, another exception occurred: │ │ Traceback (most recent call last): │ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\requests\requests\adapters.py", line 449, in send │ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-aq7acbhx\urllib3\urllib3\connectionpool.py", line 638, in urlopen │ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-aq7acbhx\urllib3\urllib3\util\retry.py", line 399, in increment │ urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='login.microsoftonline.com', port=443): Max retries exceeded with url: /7a9376d4-7c43-480f-82ba-a090647f651d/oauth2/token (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),)) │ │ During handling of the above exception, another exception occurred: │ │ Traceback (most recent call last): │ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\knack\knack\cli.py", line 215, in invoke │ File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure\cli\core\commands__init.py", line 654, in execute │ File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure\cli\core\commands__init.py", line 718, in _run_jobs_serially │ File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure\cli\core\commands__init__.py", line 711, in _run_job │ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\six\six.py", line 703, in reraise │ File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure\cli\core\commands__init__.py", line 688, in _run_job │ File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure\cli\core\commands\init.py", line 325, in call__ │ File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure\cli\core\init__.py", line 545, in default_command_handler │ File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure\cli\command_modules\profile\custom.py", line 75, in get_access_token │ File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure\cli\core_profile.py", line 650, in get_raw_token │ File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure\cli\core_profile.py", line 1014, in retrieve_token_for_user │ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\adal\adal\authentication_context.py", line 145, in acquire_token │ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\adal\adal\authentication_context.py", line 128, in _acquire_token │ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\adal\adal\authentication_context.py", line 143, in token_func │ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\adal\adal\token_request.py", line 347, in get_token_from_cache_with_refresh │ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\adal\adal\token_request.py", line 127, in _find_token_from_cache │ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\adal\adal\cache_driver.py", line 199, in find │ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\adal\adal\cache_driver.py", line 184, in _refresh_entry_if_necessary │ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\adal\adal\cache_driver.py", line 160, in _acquire_new_token_from_mrrt │ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\adal\adal\token_request.py", line 137, in _get_token_with_token_response │ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\adal\adal\token_request.py", line 339, in _get_token_with_refresh_token │ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\adal\adal\token_request.py", line 112, in _oauth_get_token │ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\adal\adal\oauth2_client.py", line 268, in get_token │ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\requests\requests\api.py", line 116, in post │ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\requests\requests\api.py", line 60, in request │ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\requests\requests\sessions.py", line 533, in request │ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\requests\requests\sessions.py", line 646, in send │ File "C:\Users\VSSADM~1\AppData\Local\Temp\pip-install-363drsgw\requests\requests\adapters.py", line 514, in send │ requests.exceptions.SSLError: HTTPSConnectionPool(host='login.microsoftonline.com', port=443): Max retries exceeded with url: /7a9376d4-7c43-480f-82ba-a090647f651d/oauth2/token (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),)) │ │ To open an issue, please run: 'az feedback'
Expected Behavior
terraform init should initialize terraform state on my local machine and to access it az command should generate token
Environment Summary
Copy from
https://github.com/Azure/azure-cli/issues/25301