Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

"Connect to AWS" error: unable to get local issuer certificate

See original GitHub issue

Describe the bug

Error suggesting invalid profile on machine with existing credentials file in use with aws cli

To Reproduce

After installing and ctrl+shift+p -> connect to AWS on a machine that already has a credentials file in the home directory, the user is given a list of profiles in the credentials file. Selecting either of my profiles returns an error “Credentials profile is invalid”

Expected behavior

AWS connects to that profile.

Screenshots

1-17-2020 4-41-07 PM

1-17-2020 4-42-41 PM

Desktop (please complete the following information):

  • OS: Windows 10
  • Visual Studio Code Version: Version: 1.41.1 (user setup) Commit: 26076a4de974ead31f97692a0d32f90d735645c0 Date: 2019-12-18T14:58:56.166Z Electron: 6.1.5 Chrome: 76.0.3809.146 Node.js: 12.4.0 V8: 7.6.303.31-electron.0 OS: Windows_NT x64 10.0.17763
  • AWS Toolkit for Visual Studio Code Version: 1.5.0

Additional context

F:\>sam --version
SAM CLI, version 0.13.0

F:\>aws --version
aws-cli/1.17.4 Python/3.6.0 Windows/10 botocore/1.14.4

F:\>aws s3 ls
2019-12-03 14:38:40 andrew-test-s3-bucket

F:\>aws s3 ls --profile dev
2020-01-08 08:13:27 admstest

I read through https://github.com/aws/aws-toolkit-vscode/issues/705 which shows the same symptoms but following the recommended steps of reinstalling the latest VSCode, restarting it and having lower case credential key names didn’t work for me.

Here is the content of my credential file with altered keys:

[default]
aws_access_key_id = BKDLSKEJFLKASKJFKELS
aws_secret_access_key = adklsfjASDfksa2+akdzADSFwekfasdfjslkedsf
[sand]
aws_access_key_id = BKDLSKEJFLKASKJFKELS
aws_secret_access_key = adklsfjASDfksa2+akdzADSFwekfasdfjslkedsf
[dev]
aws_access_key_id = SKDASDLFKJSKSKJFKELT
aws_secret_access_key = fasdfjslkedadklsfjASDfksa2+akdzADSFweksf

Please let me know if you have any suggestions.

Thank you!

Issue Analytics

  • State:open
  • Created 4 years ago
  • Reactions:1
  • Comments:18 (8 by maintainers)

github_iconTop GitHub Comments

1reaction
eugenevdcommented, Nov 18, 2020

@irishgordo

For what it’s worth, I’ve just had the same error as the OP

$ code --version
1.51.1
e5a624b788d92b8d34d1392e4c4d9789406efe8f
x64
$ aws --version
aws-cli/1.18.180 Python/3.6.9 Linux/5.4.0-53-generic botocore/1.19.20

AWS Toolkit 1.15.0

What solved the problem for me was to change the profile entries in ~/.aws/config from [profileX] to [profile profileX]

1reaction
justinmk3commented, Feb 21, 2020

Error: unable to get local issuer certificate

From https://github.com/nodejs/node/issues/3742#issuecomment-155546646 ,

The error itself just means that a TLS certificate in the chain is signed by an unknown CA, presumably the cert your proxy uses.

@MatthiasPdx are you on a corporate managed computer or network?

  • Do you know if it’s configured to use a proxy?
  • Or a custom CA or root certificate?
  • Are you setting HTTP_PROXY or HTTPS_PROXY environment variables?

Related vscode doc: https://code.visualstudio.com/updates/v1_30#_network-proxy-support-for-extensions

VScode exposes some related settings:

  • http.proxy
  • http.proxyAuthorization
  • http.proxyStrictSSL: you can set this to false (security risk), and see if that fixes the issue. But a better solution is to fix your certificate chain.
  • http.proxySupport
  • http.systemCertificates

What are the values of those settings in your vscode?

Tracking issue: https://github.com/aws/aws-toolkit-vscode/issues/185

Read more comments on GitHub >

github_iconTop Results From Across the Web

AWS S3 - Error: unable to get local issuer certificate
I made it working. I needed to add the certiicate in AWS.Config. Full working code is below. This might help someone.
Read more >
how to resolve [SSL: CERTIFICATE_VERIFY_FAILED ...
Hello, I am trying to resolve the dreaded SSL Certificate error: ....[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer ...
Read more >
Troubleshooting AWS CLI errors - AWS Command Line Interface
Confirm that your AWS CLI is configured. Various errors can occur if your config and credentials files or your IAM user or roles...
Read more >
AWS SSL security error curl 60 SSL certificate prob unable to ...
C:\Users\Jordan>curl https://s3-us-west-2.amazonaws.com/images-st/aaa.txt curl: (60) SSL certificate problem: unable to get local issuer ...
Read more >
SSL certificate problem: Unable to get local issuer certificate
Resolution #1 - Self Signed certificate · Ensure the root cert is added to git.exe's certificate store. · Tell Git where to find...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Add support for Fn::GetAtt in the Step Function Resource Attributes

Next page

SAM local Lambda run/debug with Lambda Layer reference in template.yaml