victorskl / yawsso

Yet Another AWS SSO - sync up AWS CLI v2 SSO login session to legacy CLI v1 credentials
MIT License

ca_bundle ignored for some profiles #36

Closed bondsb closed 3 years ago

bondsb commented 3 years ago

At work we have TLS inspection, and I set ca_bundle in the ~/.aws/config file to an appropriate certificate.

Running yawsso only picks up the certificate for my default profile. For other profiles, ca_bundle seems to be ignored. I receive an error:

Error executing command: 'aws sts get-caller-identity'. Exception: SSL validation failed for https://portal.sso.us-east-1.amazonaws.com/federation/credentials?role_name=redacted&account_id=redacted [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1076)

A workaround is to set the environment variable AWS_CA_BUNDLE. This is picked up each time.

bondsb commented 3 years ago

I edited the post. Turns out the behavior is the same in Windows and macOS. I didn't realize I had set AWS_CA_BUNDLE as a permanent environment variable in Windows.

victorskl commented 3 years ago

Fixed since pip install -U yawsso==0.6.0rc3

bondsb commented 3 years ago

Thanks for the very quick fix!

I sent a minor PR (#38) that quotes the option to allow for whitespace.
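The behaviour discussed in this thread, as an added example that is not yawsso's code or part of any comment above: it resolves which CA bundle applies to each profile (AWS_CA_BUNDLE overrides the profile's `ca_bundle`) and builds a command line whose path survives whitespace. The config contents, profile names and paths are constructed, and passing the path through `--ca-bundle` is this example's assumption, not a statement of how yawsso does it.

```python
import configparser
import shlex

# Constructed sample of ~/.aws/config (profile names and paths are made up).
SAMPLE_CONFIG = """
[default]
region = us-east-1
ca_bundle = /etc/ssl/corp/inspection-ca.pem

[profile dev]
sso_region = us-east-1
ca_bundle = /Users/me/My Certs/corp ca.pem

[profile prod]
sso_region = us-east-1
"""

def effective_ca_bundles(config_text, env):
    """Map each profile to (path, source). AWS_CA_BUNDLE, when set,
    overrides the profile's own ca_bundle setting."""
    parser = configparser.ConfigParser(interpolation=None)
    parser.read_string(config_text)
    result = {}
    for section in parser.sections():
        name = section[len("profile "):] if section.startswith("profile ") else section
        if env.get("AWS_CA_BUNDLE"):
            result[name] = (env["AWS_CA_BUNDLE"], "env")
        elif parser.has_option(section, "ca_bundle"):
            result[name] = (parser.get(section, "ca_bundle"), "profile")
        else:
            result[name] = (None, "none")
    return result

def sts_command(profile, ca_bundle):
    """Build a POSIX shell command line, quoting values that contain spaces."""
    args = ["aws", "sts", "get-caller-identity", "--profile", profile]
    if ca_bundle:
        args += ["--ca-bundle", ca_bundle]
    return " ".join(shlex.quote(a) for a in args)

if __name__ == "__main__":
    for name, (path, source) in effective_ca_bundles(SAMPLE_CONFIG, {}).items():
        # A profile with no bundle from either source fails certificate
        # verification behind a TLS-inspecting proxy.
        note = "" if path else "   # no CA bundle configured"
        print(f"{name:8} {source:8} {sts_command(name, path)}{note}")
```

Profiles reported with source `none` are the ones to fix in the config file, rather than relying on a machine-wide AWS_CA_BUNDLE that hides the gap.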

victorskl commented 3 years ago

@bondsb Thanks. It will come with the scheduled 0.6.0 release this Friday if all is good. Cheers!