microsoft / azuredatastudio

Azure Data Studio is a data management and development tool with connectivity to popular cloud and on-premises databases. Azure Data Studio supports Windows, macOS, and Linux, with immediate capability to connect to Azure SQL and SQL Server. Browse the extension library for more database support options including MySQL, PostgreSQL, and MongoDB.
https://learn.microsoft.com/sql/azure-data-studio
MIT License

Unable to Authenticate with Entra ID or use MFA for SQL MI Connections #25649

Closed andrewjsechrist closed 2 months ago

andrewjsechrist commented 4 months ago

Type: Bug

I am not able to use the Azure Active Directory Universal with MFA to connect to Azure SQL MIs. When I attempt to add an Azure Account I get the following error:

```
[Verbose]: Initialized Azure account extension storage. - []
[Verbose]: FileEncryptionHelper: Fired encryption keys updated event. - []
[Verbose]: Initializing stored accounts [] - []
[Verbose]: Starting login - []
[Information]: [Tue, 21 May 2024 16:55:34 GMT] : @azure/msal-node@1.16.0 : Info - getAuthCodeUrl called - []
[Verbose]: [Tue, 21 May 2024 16:55:34 GMT] : @azure/msal-node@1.16.0 : Verbose - initializeRequestScopes called - []
[Verbose]: [Tue, 21 May 2024 16:55:34 GMT] : [bc6a329a-a80c-404b-870c-060412cd3edd] : @azure/msal-node@1.16.0 : Verbose - buildOauthClientConfiguration called - []
[Verbose]: [Tue, 21 May 2024 16:55:34 GMT] : [bc6a329a-a80c-404b-870c-060412cd3edd] : @azure/msal-node@1.16.0 : Verbose - building oauth client configuration with the authority: https://login.microsoftonline.com/organizations - []
[Verbose]: [Tue, 21 May 2024 16:55:34 GMT] : [bc6a329a-a80c-404b-870c-060412cd3edd] : @azure/msal-node@1.16.0 : Verbose - createAuthority called - []
[Verbose]: [Tue, 21 May 2024 16:55:34 GMT] : @azure/msal-node@1.16.0 : Trace - Retrieving all cache keys - []
[Verbose]: [Tue, 21 May 2024 16:55:34 GMT] : @azure/msal-node@1.16.0 : Trace - Getting cache key-value store - []
[Verbose]: [Tue, 21 May 2024 16:55:34 GMT] : @azure/msal-node@1.16.0 : Verbose - Attempting to get cloud discovery metadata in the config - []
[Verbose]: [Tue, 21 May 2024 16:55:34 GMT] : @azure/msal-node@1.16.0 : Verbose - Did not find cloud discovery metadata in the config... Attempting to get cloud discovery metadata from the cache. - []
[Verbose]: [Tue, 21 May 2024 16:55:34 GMT] : @azure/msal-node@1.16.0 : Verbose - Did not find cloud discovery metadata in the cache... Attempting to get cloud discovery metadata from the network. -
: [Tue, 21 May 2024 16:55:34 GMT] : @azure/msal-node@1.16.0 : Error - A non-MSALJS error was thrown while attempting to get the cloud instance discovery metadata.
Error: Error Error Description: Error: unable to get local issuer certificate - []
[Verbose]: [Tue, 21 May 2024 16:55:34 GMT] : @azure/msal-node@1.16.0 : Verbose - Did not find cloud discovery metadata from the network... Attempting to get cloud discovery metadata from hardcoded values. - []
[Verbose]: [Tue, 21 May 2024 16:55:34 GMT] : @azure/msal-node@1.16.0 : Verbose - Found cloud discovery metadata from hardcoded values. -
: An error occurred in MSAL library when requesting auth code URL. For more detailed information on error, please check 'Azure Accounts' output pane.

endpoints_resolution_error: Error: could not resolve endpoints. Please check network and try again. Detail: ClientAuthError: openid_config_error: Could not retrieve endpoints. Check your authority and verify the .well-known/openid-configuration endpoint returns the required endpoints. Attempted to retrieve endpoints from: https://undefined/organizations/v2.0/.well-known/openid-configuration - []

"originalMessage": "endpoints_resolution_error: Error: could not resolve endpoints. Please check network and try again. Detail: ClientAuthError: openid_config_error: Could not retrieve endpoints. Check your authority and verify the .well-known/openid-configuration endpoint returns the required endpoints. Attempted to retrieve endpoints from: https://undefined/organizations/v2.0/.well-known/openid-configuration", "originalException": { "errorCode": "endpoints_resolution_error", "errorMessage": "Error: could not resolve endpoints. Please check network and try again. Detail: ClientAuthError: openid_config_error: Could not retrieve endpoints. Check your authority and verify the .well-known/openid-configuration endpoint returns the required endpoints. Attempted to retrieve endpoints from: https://undefined/organizations/v2.0/.well-known/openid-configuration", "subError": "", "name": "ClientAuthError" } } - []
```

I have manually set the Accounts.Azure.Cloud URIs as prescribed in other troubleshooting documents. Please find the settings below:

```json
{
  "workbench.editorAssociations": { "*.{sqlplan}": "workbench.editor.executionplan" },
  "datasource.connectionGroups": [ { "name": "ROOT", "id": "C777F06B-202E-4480-B475-FA416154D458" } ],
  "window.newWindowDimensions": "inherit",
  "editor.insertSpaces": false,
  "workbench.colorTheme": "Default Dark Azure Data Studio",
  "workbench.enablePreviewFeatures": true,
  "security.workspace.trust.untrustedFiles": "open",
  "editor.minimap.enabled": true,
  "files.autoSave": "onWindowChange",
  "editor.formatOnType": true,
  "editor.acceptSuggestionOnEnter": "off",
  "editor.inlineSuggest.showToolbar": "always",
  "editor.quickSuggestionsDelay": 8,
  "editor.suggest.preview": true,
  "files.trimTrailingWhitespace": true,
  "workbench.editor.highlightModifiedTabs": true,
  "workbench.editor.titleScrollbarSizing": "large",
  "editor.bracketPairColorization.independentColorPoolPerBracketType": true,
  "editor.defaultFormatter": "Microsoft.mssql",
  "editor.suggest.localityBonus": true,
  "[json]": { "editor.defaultFormatter": "vscode.json-language-features" },
  "azure.loggingLevel": "Verbose",
  "http.systemCertificates": true,
  "http.proxyStrictSSL": false,
  "accounts.azure.cloud.authority": "https://login.microsoftonline.com/[redacted]/",
  "accounts.azure.cloud.authorizationEndpoint": "https://login.microsoftonline.com/[redacted]/oauth2/authorize",
  "accounts.azure.cloud.tokenEndpoint": "https://login.microsoftonline.com/[redacted]/oauth2/token",
  "azure.customProviderSettings": [],
  "files.hotExit": "onExitAndWindowClose",
  "mssql.logDebugInfo": true,
  "mssql.enableSqlAuthenticationProvider": false
}
```

Azure Data Studio version: azuredatastudio 1.48.0 (4970733324ef8254b7c22a5dc55af7f8a1dea93f, 2024-02-27T00:05:08.293Z)
OS version: Windows_NT x64 10.0.19045
Restricted Mode: No
Preview Features: Enabled
Modes:

System Info

| Item | Value |
|---|---|
| CPUs | Intel(R) Core(TM) i5-10310U CPU @ 1.70GHz (8 x 2208) |
| GPU Status | 2d_canvas: enabled<br>canvas_oop_rasterization: enabled_on<br>direct_rendering_display_compositor: disabled_off_ok<br>gpu_compositing: enabled<br>multiple_raster_threads: enabled_on<br>opengl: enabled_on<br>rasterization: enabled<br>raw_draw: disabled_off_ok<br>video_decode: enabled<br>video_encode: enabled<br>vulkan: disabled_off<br>webgl: enabled<br>webgl2: enabled<br>webgpu: enabled |
| Load (avg) | undefined |
| Memory (System) | 15.78GB (3.09GB free) |
| Process Argv | |
| Screen Reader | no |
| VM | 0% |

Extensions (14)

| Extension | Author (truncated) | Version |
|---|---|---|
| admin-pack | Mic | 0.0.2 |
| admin-tool-ext-win | Mic | 0.1.3 |
| agent | Mic | 0.49.0 |
| azuremonitor | Mic | 0.1.9 |
| dacpac | Mic | 1.14.0 |
| import | Mic | 1.6.1 |
| machine-learning | Mic | 0.12.0 |
| managed-instance-dashboard | Mic | 0.4.2 |
| powershell | ms- | 2023.2.1 |
| profiler | Mic | 0.14.0 |
| query-history | Mic | 0.5.3 |
| schema-compare | Mic | 1.21.0 |
| sql-assessment | Mic | 0.6.4 |
| sql-database-projects | Mic | 1.4.2 |

caohai commented 2 months ago

The key error is this: `Error: unable to get local issuer certificate - []`, which is most likely caused by a local SSL config issue on the machine. Are you running ADS behind a proxy? Can you give this a try? https://learn.microsoft.com/en-us/answers/questions/1352107/unable-to-add-account-in-azure-data-studio

You can also download and install this extension, and run commands manually to test your proxy environment configuration (if any) and OS certificates: https://marketplace.visualstudio.com/items?itemName=chrmarti.network-proxy-test
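
As an added example (not code from the Azure Data Studio project or from either commenter), here is a small Node.js triage helper for the "Azure Accounts" output pane text pasted above. When the pane is copied into an issue its newlines collapse, and the first failure (the certificate verification error from the discovery-metadata fetch) is easy to miss under the later `endpoints_resolution_error` that follows it. The entry format is assumed from that paste: `[Level]: body - []`, with MSAL bodies shaped `[timestamp] : [optional correlation id] : @azure/msal-node@x.y.z : Level - message`, and with the `[Error]` prefix of the two failure entries missing so that they begin with `- : `. `SAMPLE_LOG` is a shortened, constructed copy of the log in the issue; the `TLS_TRUST_HINTS` texts are Node/OpenSSL verification messages with a defender's reading attached. The `https://undefined/` authority is reported as a downstream symptom because in this thread it went away once the certificate problem was fixed.

```javascript
// Added example: triage the "Azure Accounts" output pane text from the issue.
// Not Azure Data Studio code; entry format assumed from the paste above.

// Constructed sample, shortened from the log in the issue (same shape).
const SAMPLE_LOG =
  '[Verbose]: Starting login - [] ' +
  '[Information]: [Tue, 21 May 2024 16:55:34 GMT] : @azure/msal-node@1.16.0 : Info - getAuthCodeUrl called - [] ' +
  '[Verbose]: [Tue, 21 May 2024 16:55:34 GMT] : [bc6a329a-a80c-404b-870c-060412cd3edd] : @azure/msal-node@1.16.0 : Verbose - createAuthority called - [] ' +
  '[Verbose]: [Tue, 21 May 2024 16:55:34 GMT] : @azure/msal-node@1.16.0 : Verbose - Attempting to get cloud discovery metadata from the network. - ' +
  ': [Tue, 21 May 2024 16:55:34 GMT] : @azure/msal-node@1.16.0 : Error - A non-MSALJS error was thrown while attempting to get the cloud instance discovery metadata. ' +
  'Error: Error Error Description: Error: unable to get local issuer certificate - [] ' +
  '[Verbose]: [Tue, 21 May 2024 16:55:34 GMT] : @azure/msal-node@1.16.0 : Verbose - Found cloud discovery metadata from hardcoded values. - ' +
  ': An error occurred in MSAL library when requesting auth code URL. ' +
  'endpoints_resolution_error: Error: could not resolve endpoints. Attempted to retrieve endpoints from: https://undefined/organizations/v2.0/.well-known/openid-configuration - []';

// Entry boundaries: " - []" normally, or " - " directly followed by ": " for the
// entries whose "[Error]" prefix was lost in the paste.
const SEPARATOR_RE = / - \[\]\s*| - (?=: )/;
// "[Level]: body" (level optional, because of the lost prefixes).
const ENTRY_RE = /^(?:\[(?<level>\w+)\])?:\s*(?<body>[\s\S]*)$/;
// MSAL body: "[timestamp] : [correlation id]? : @azure/msal-node@x.y.z : Level - message".
const MSAL_RE = /^\[(?<timestamp>[^\]]+)\] : (?:\[(?<correlationId>[^\]]+)\] : )?(?<library>@azure\/msal-node@[\d.]+) : (?<msalLevel>\w+) - (?<message>[\s\S]*)$/;

// Split the collapsed pane text back into structured entries.
function parseAzureAccountsLog(text) {
  return text
    .split(SEPARATOR_RE)
    .map((chunk) => chunk.trim())
    .filter((chunk) => chunk.length > 0)
    .map((chunk) => {
      const entry = ENTRY_RE.exec(chunk);
      const level = entry ? entry.groups.level || null : null;
      const body = entry ? entry.groups.body : chunk;
      const msal = MSAL_RE.exec(body);
      return {
        level, // ADS pane level, e.g. "Verbose" / "Information"; null when the prefix is missing
        timestamp: msal ? msal.groups.timestamp : null,
        correlationId: msal ? msal.groups.correlationId || null : null,
        library: msal ? msal.groups.library : null,
        msalLevel: msal ? msal.groups.msalLevel : null, // MSAL's own level, e.g. "Info" / "Error"
        message: msal ? msal.groups.message : body,
      };
    });
}

// A nested MSAL message reads "... Error: Error Error Description: Error: <cause>";
// the last "Error:" segment is the underlying Node/OpenSSL text.
function innermostError(message) {
  const parts = message.split(/\bError:\s*/);
  return parts[parts.length - 1].trim();
}

// Node/OpenSSL certificate-verification texts and what they usually mean on a
// managed workstation (a defender's reading; not an exhaustive list).
const TLS_TRUST_HINTS = {
  'unable to get local issuer certificate':
    'the chain presented by the server is not trusted by the CA store Node is using; on a managed workstation this usually means a TLS-inspecting proxy whose root CA is not in that store',
  'signed certificate in certificate chain':
    'a self-signed CA (typically an inspection proxy) sits in the chain and is not trusted',
  'certificate has expired':
    'a certificate in the chain is past its validity period; check the system clock and the CA store',
};

function isErrorEntry(e) {
  return e.level === 'Error' || e.msalLevel === 'Error' || /\bError:/.test(e.message);
}

// Report the first error as the root cause and every later one as a consequence.
function triage(text) {
  const entries = parseAzureAccountsLog(text);
  const errors = entries.filter(isErrorEntry);
  if (errors.length === 0) {
    return { entries: entries.length, timestamp: null, rootCause: null, hint: null, downstream: [], undefinedAuthority: false };
  }
  const rootCause = innermostError(errors[0].message);
  const hintKey = Object.keys(TLS_TRUST_HINTS).find((k) => rootCause.includes(k));
  const downstream = errors.slice(1).map((e) => innermostError(e.message));
  return {
    entries: entries.length,
    timestamp: errors[0].timestamp,
    rootCause,
    hint: hintKey ? TLS_TRUST_HINTS[hintKey] : null,
    downstream,
    // Discovery fell back to hardcoded values and the later endpoint lookup went to
    // "https://undefined/..."; in the thread it cleared once the certificate problem
    // was fixed, so it is reported as a consequence rather than a separate misconfiguration.
    undefinedAuthority: downstream.some((m) => m.includes('https://undefined/')),
  };
}

if (typeof require !== 'undefined' && require.main === module) {
  console.log(JSON.stringify(triage(SAMPLE_LOG), null, 2));
}
```

Run it with `node triage.js` (any file name) to get a JSON summary; to triage a real paste, replace `SAMPLE_LOG` with the pane text. The point of separating `rootCause` from `downstream` is that only the first entry names the condition to fix; the settings in the issue (`http.systemCertificates`, `http.proxyStrictSSL`) are worth checking against the hint, and the proxy-test extension linked above checks the same trust-store question from outside ADS.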

andrewjsechrist commented 2 months ago

Thank you @caohai. For all my searching I couldn't find that solution. This resolved the issue.