The request was aborted: Could not create SSL/TLS secure

[basictheprogram]

Just started having this problem today.

==> default: Running provisioner: shell...
    default: Running: shell/InstallChocolatey.ps1 as C:\tmp\vagrant-shell.ps1
    default: powershell.exe : Exception calling "DownloadString" with "1" argument(s): "The request was aborted: Could not create SSL/TLS secure
    default:     + CategoryInfo          : NotSpecified: (Exception calli...SSL/TLS secure :String) [], RemoteException
    default:     + FullyQualifiedErrorId : NativeCommandError
    default: channel."
    default: At C:\tmp\vagrant-shell.ps1:70 char:7
    default: +       iex ((new-object net.webclient).DownloadString('https://chocolatey.org/ins ...
    default: + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    default:     + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
    default:     + FullyQualifiedErrorId : WebException
    default:
    default: choco : The term 'choco' is not recognized as the name of a cmdlet, function, script file, or operable program. Check
    default: the spelling of the name, or if a path was included, verify that the path is correct and try again.
    default: At C:\tmp\vagrant-shell.ps1:78 char:1
    default: + choco feature enable -n autouninstaller
    default: + ~~~~~
    default:     + CategoryInfo          : ObjectNotFound: (choco:String) [], CommandNotFoundException
    default:     + FullyQualifiedErrorId : CommandNotFoundException
    default:
    default: choco : The term 'choco' is not recognized as the name of a cmdlet, function, script file, or operable program. Check
    default: the spelling of the name, or if a path was included, verify that the path is correct and try again.
    default: At C:\tmp\vagrant-shell.ps1:79 char:1
    default: + choco feature enable -n allowGlobalConfirmation
    default: + ~~~~~
    default:     + CategoryInfo          : ObjectNotFound: (choco:String) [], CommandNotFoundException
    default:     + FullyQualifiedErrorId : CommandNotFoundException
    default:
    default: choco : The term 'choco' is not recognized as the name of a cmdlet, function, script file, or operable program. Check
    default: the spelling of the name, or if a path was included, verify that the path is correct and try again.
    default: At C:\tmp\vagrant-shell.ps1:80 char:1
    default: + choco feature enable -n logEnvironmentValues
    default: + ~~~~~
    default:     + CategoryInfo          : ObjectNotFound: (choco:String) [], CommandNotFoundException
    default:     + FullyQualifiedErrorId : CommandNotFoundException
    default:
The following WinRM command responded with a non-zero exit status.
Vagrant assumes that this means the command failed!

powershell -ExecutionPolicy Bypass -OutputFormat Text -file "C:\tmp\vagrant-shell.ps1"

Stdout from the command:

Stderr from the command:

powershell.exe : Exception calling "DownloadString" with "1" argument(s): "The request was aborted: Could not create SSL/TLS secure
    + CategoryInfo          : NotSpecified: (Exception calli...SSL/TLS secure :String) [], RemoteException
    + FullyQualifiedErrorId : NativeCommandError
channel."
At C:\tmp\vagrant-shell.ps1:70 char:7
+       iex ((new-object net.webclient).DownloadString('https://chocolatey.org/ins ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
    + FullyQualifiedErrorId : WebException

choco : The term 'choco' is not recognized as the name of a cmdlet, function, script file, or operable program. Check
the spelling of the name, or if a path was included, verify that the path is correct and try again.
At C:\tmp\vagrant-shell.ps1:78 char:1
+ choco feature enable -n autouninstaller
+ ~~~~~
    + CategoryInfo          : ObjectNotFound: (choco:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException

choco : The term 'choco' is not recognized as the name of a cmdlet, function, script file, or operable program. Check
the spelling of the name, or if a path was included, verify that the path is correct and try again.
At C:\tmp\vagrant-shell.ps1:79 char:1
+ choco feature enable -n allowGlobalConfirmation
+ ~~~~~
    + CategoryInfo          : ObjectNotFound: (choco:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException

choco : The term 'choco' is not recognized as the name of a cmdlet, function, script file, or operable program. Check
the spelling of the name, or if a path was included, verify that the path is correct and try again.
At C:\tmp\vagrant-shell.ps1:80 char:1
+ choco feature enable -n logEnvironmentValues
+ ~~~~~
    + CategoryInfo          : ObjectNotFound: (choco:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException

[pauby]

What OS are you running vagrant on? What troubleshooting have you done?

[Xav83]

Hi to all :slightly_smiling_face:

I am also having this issue, when running vagrant on Ubuntu, with Vagrant 2.3.1 and VirtualBox 6.1. Currently, I am using the workaround described in this Stackoverflow thread.

[pauby]

@Xav83 I'm assuming this is what you ran:

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

Where did you run this?

[Xav83]

@pauby Yes, this is the line I ran in the Powershell terminal, in the Windows Virtual Machine launch via Vagrant (i don't know if this is really clear :sweat_smile:).

[pauby]

I've just brought this box up in Windows 10 21H2, Hyper-V and Vagrant 2.3.3 and didn't see this issue.

Could it be an Ubuntu issue? Thinking out loud, could it be that it doesn't have the (old) ciphers that Windows Server 2012 R2 uses for WinRM?

[slycordinator]

I get the same output above running the commands from my work which has started using a self-signed certificate through a proxy.

I can make vagrant itself use the certificate with the SSL_CERT_FILE and CURL_CA_BUNDLE variables; I just copied vagrant's embedded pem file to a location and appended the self-signed cert to it and had the above variables point to the file.

But I've not found a way to get powershell scripts inside the created VM to use include the certificate to let it download.

I added the config.vm.box_download_ca_cert variable in the Vagrantfile, but that didn't do anything with regards to the behavior of the powershell scripts; there's a chance they're ignoring the system certificates (using something like the certifi pypy package) and also the chance that the variables above don't do anything to make the VM's system store use the additional cert.

[pauby]

@slycordinator This sounds very much like a Vagrant issue and not limited to the use of this box?

[slycordinator]

I agree. I was just giving a possibility for what's going on above.

But since the creation of the vm includes creating a shared folder, a workaround could be have a script that looks in the shared folder for a specially-named pem file and adds it to the windows store if it's present (and the user copies the key to the shared folder).

On Fri, Apr 21, 2023, 7:38 PM Paul Broadwith @.***> wrote:

@slycordinator https://github.com/slycordinator This sounds very much like a Vagrant issue and not limited to the use of this box?

— Reply to this email directly, view it on GitHub https://github.com/chocolatey-community/chocolatey-test-environment/issues/67#issuecomment-1517630637, or unsubscribe https://github.com/notifications/unsubscribe-auth/AQN7DTP4CVQYWLGTHMG6KETXCJPQXANCNFSM5WI4I6GA . You are receiving this because you were mentioned.Message ID: <chocolatey-community/chocolatey-test-environment/issues/67/1517630637@ github.com>

[pauby]

As it's not related to the Box, fixing a Vagrant issue in the Box doesn't feel like the correct place.

If this is a Vagrant issue, it should be raised with Vagrant to fix.