Closed bondsb closed 3 years ago
I edited the post. Turns out the behavior is the same in Windows and macOS. I didn't realize I had set AWS_CA_BUNDLE
as a permanent environment variable in Windows.
Fixed since pip install -U yawsso==0.6.0rc3
Thanks for the very quick fix!
I sent a minor PR (#38) that quotes the option to allow for whitespace.
@bondsb Thanks. It will come with 0.6.0
scheduled release this Friday if all good. Cheers!
At work we have TLS inspection, and I set
ca_bundle
in the~/.aws/config
file to an appropriate certificate.Running
yawsso
only picks up the certificate for my default profile. For other profiles,ca_bundle
seems to be ignored. I receive an error:Error executing command: 'aws sts get-caller-identity'. Exception: SSL validation failed for https://portal.sso.us-east-1.amazonaws.com/federation/credentials?role_name=redacted&account_id=redacted [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1076)
A workaround is to set the environment variable
AWS_CA_BUNDLE
. This is picked up each time.