You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We are running latest Azure DevOps Server 2019 SP1.1 utlizing latest Microsoft SQL Server 2019 (waw-tfs01 host running latest Windows Server 2019).
During software installation we have chosen option to generate self-signed certificate for Azure DevOps Server 2019 SP1.1 services and redirect HTTP traffic to HTTPS.
Everything went smoothly, we can easily use Azure DevOps Server services from HTTPS browser on client PC (Firefox in this case). Of course info about self-signed certificate appeared and we trusted cert by adding it as permanent exception on client PC (latest Windows 10 Enterprise 1909 with available security fixes, build 18363.752).
vsts-cli installation
On same client PC we have installed latest version of vsts-cli tool using chocolatey (choco install vsts-cli). It gave us preciesly:
We have created valid token in Azure DevOps Server 2019 and tried to use it with vsts.
d:\Java\projects\javafx-spring-boot-gradle>vsts login -i https://waw-l01.ourdomain.com --token spevxzog3m6h...token...hztpa7wzaczxa --debug
Command arguments: ['login', '-i', 'https://waw-l01.ourdomain.com', '--token', 'spevxzog3m6h...token...hztpa7wzaczxa', '--debug']
Event: Cli.PreExecute []
Event: CommandParser.OnGlobalArgumentsCreate [<function CLILogging.on_global_arguments at 0x037DCF60>, <function OutputProducer.on_global_arguments at 0x03600C48>, <function CLIQuery.on_global_arguments at 0x0372D618>]
Event: CommandInvoker.OnPreCommandTableCreate []
Event: CommandLoader.OnLoadCommandTable []
Event: CommandLoader.OnLoadArguments []
Event: CommandInvoker.OnPostCommandTableCreate []
Event: CommandInvoker.OnCommandTableLoaded []
Event: CommandInvoker.OnPreParseArgs []
Event: CommandInvoker.OnPostParseArgs [<function OutputProducer.handle_output_argument at 0x03600C90>, <function CLIQuery.handle_query_parameter at 0x0372D660>, <function VstsCLI.post_parse_args at 0x03ED1660>]
Creating connection with personal access token.
msrest.universal_http.requests : Configuring retry: max_retries=3, backoff_factor=0.8, max_backoff=90
msrest.universal_http.requests : Configuring retry: max_retries=3, backoff_factor=0.8, max_backoff=90
msrest.universal_http.requests : Configuring retry: max_retries=3, backoff_factor=0.8, max_backoff=90
msrest.universal_http.requests : Configuring retry: max_retries=3, backoff_factor=0.8, max_backoff=90
vsts._file_cache : Cache file does not exist: C:\Users\Pawel.EBSOFT\.vsts\python-sdk\cache\options.json
vsts.vss_client : File cache miss for options on: https://waw-l01.ourdomain.com
vsts.vss_client : OPTIONS https://waw-l01.ourdomain.com/_apis
vsts.vss_client : Request content: None
msrest.universal_http : Configuring redirects: allow=True, max=30
msrest.universal_http : Configuring request: timeout=100, verify=True, cert=None
msrest.universal_http : Configuring proxies: ''
msrest.universal_http : Evaluate proxies against ENV settings: True
urllib3.connectionpool : Starting new HTTPS connection (1): waw-l01.ourdomain.com:443
urllib3.util.retry : Incremented Retry for (url='/_apis'): Retry(total=2, connect=3, read=3, redirect=None, status=None)
urllib3.connectionpool : Retrying (Retry(total=2, connect=3, read=3, redirect=None, status=None)) after connection broken by 'SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1045)'))': /_apis
urllib3.connectionpool : Starting new HTTPS connection (2): waw-l01.ourdomain.com:443
urllib3.util.retry : Incremented Retry for (url='/_apis'): Retry(total=1, connect=3, read=3, redirect=None, status=None)
urllib3.connectionpool : Retrying (Retry(total=1, connect=3, read=3, redirect=None, status=None)) after connection broken by 'SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1045)'))': /_apis
urllib3.connectionpool : Starting new HTTPS connection (3): waw-l01.ourdomain.com:443
urllib3.util.retry : Incremented Retry for (url='/_apis'): Retry(total=0, connect=3, read=3, redirect=None, status=None)
urllib3.connectionpool : Retrying (Retry(total=0, connect=3, read=3, redirect=None, status=None)) after connection broken by 'SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1045)'))': /_apis
urllib3.connectionpool : Starting new HTTPS connection (4): waw-l01.ourdomain.com:443
msrest.exceptions : Error occurred in request., SSLError: HTTPSConnectionPool(host='waw-l01.ourdomain.com', port=443): Max retries exceeded with url: /_apis (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1045)')))
Error occurred in request., SSLError: HTTPSConnectionPool(host='waw-l01.ourdomain.com', port=443): Max retries exceeded with url: /_apis (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1045)')))
Traceback (most recent call last):
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\urllib3\connectionpool.py", line 600, in urlopen
chunked=chunked)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\urllib3\connectionpool.py", line 343, in _make_request
self._validate_conn(conn)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\urllib3\connectionpool.py", line 839, in _validate_conn
conn.connect()
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\urllib3\connection.py", line 344, in connect
ssl_context=context)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\urllib3\util\ssl_.py", line 344, in ssl_wrap_socket
return context.wrap_socket(sock, server_hostname=server_hostname)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\ssl.py", line 412, in wrap_socket
session=session
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\ssl.py", line 850, in _create
self.do_handshake()
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\ssl.py", line 1108, in do_handshake
self._sslobj.do_handshake()
**ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1045)**
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\requests\adapters.py", line 449, in send
timeout=timeout
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\urllib3\connectionpool.py", line 667, in urlopen
**response_kw)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\urllib3\connectionpool.py", line 667, in urlopen
**response_kw)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\urllib3\connectionpool.py", line 667, in urlopen
**response_kw)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\urllib3\connectionpool.py", line 638, in urlopen
_stacktrace=sys.exc_info()[2])
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\urllib3\util\retry.py", line 398, in increment
raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='waw-l01.ourdomain.com', port=443): Max retries exceeded with url: /_apis (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1045)')))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\msrest\universal_http\requests.py", line 137, in send
**kwargs)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\requests\sessions.py", line 533, in request
resp = self.send(prep, **send_kwargs)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\requests\sessions.py", line 646, in send
r = adapter.send(request, **kwargs)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\requests\adapters.py", line 514, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='waw-l01.ourdomain.com', port=443): Max retries exceeded with url: /_apis (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1045)')))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\vsts\cli\team\common\credentials.py", line 42, in credential_set
location_client.get_connection_data()
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\vsts\location\v4_1\location_client.py", line 46, in get_connection_data
query_parameters=query_parameters)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\vsts\vss_client.py", line 72, in _send
query_parameters=query_parameters)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\vsts\vss_client.py", line 111, in _create_request_message
location = self._get_resource_location(location_id)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\vsts\vss_client.py", line 141, in _get_resource_location
VssClient._locations_cache[self.config.base_url] = self._get_resource_locations(all_host_types=False)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\vsts\vss_client.py", line 177, in _get_resource_locations
response = self._send_request(request, headers=headers)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\vsts\vss_client.py", line 60, in _send_request
content=content, **operation_config)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\msrest\service_client.py", line 219, in send
pipeline_response = self.config.pipeline.run(request, **kwargs)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\msrest\pipeline\__init__.py", line 197, in run
return first_node.send(pipeline_request, **kwargs) # type: ignore
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\msrest\pipeline\__init__.py", line 150, in send
response = self.next.send(request, **kwargs)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\msrest\pipeline\requests.py", line 72, in send
return self.next.send(request, **kwargs)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\msrest\pipeline\requests.py", line 137, in send
return self.next.send(request, **kwargs)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\msrest\pipeline\__init__.py", line 150, in send
response = self.next.send(request, **kwargs)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\msrest\pipeline\requests.py", line 193, in send
self.driver.send(request.http_request, **kwargs)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\msrest\universal_http\requests.py", line 328, in send
return super(RequestsHTTPSender, self).send(request, **requests_kwargs)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\msrest\universal_http\requests.py", line 140, in send
raise_with_traceback(ClientRequestError, msg, err)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\msrest\exceptions.py", line 51, in raise_with_traceback
raise error.with_traceback(exc_traceback)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\msrest\universal_http\requests.py", line 137, in send
**kwargs)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\requests\sessions.py", line 533, in request
resp = self.send(prep, **send_kwargs)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\requests\sessions.py", line 646, in send
r = adapter.send(request, **kwargs)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\requests\adapters.py", line 514, in send
raise SSLError(e, request=request)
msrest.exceptions.ClientRequestError: Error occurred in request., SSLError: HTTPSConnectionPool(host='waw-l01.ourdomain.com', port=443): Max retries exceeded with url: /_apis (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1045)')))
Failed to authenticate using the supplied token.
Traceback (most recent call last):
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\urllib3\connectionpool.py", line 600, in urlopen
chunked=chunked)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\urllib3\connectionpool.py", line 343, in _make_request
self._validate_conn(conn)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\urllib3\connectionpool.py", line 839, in _validate_conn
conn.connect()
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\urllib3\connection.py", line 344, in connect
ssl_context=context)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\urllib3\util\ssl_.py", line 344, in ssl_wrap_socket
return context.wrap_socket(sock, server_hostname=server_hostname)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\ssl.py", line 412, in wrap_socket
session=session
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\ssl.py", line 850, in _create
self.do_handshake()
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\ssl.py", line 1108, in do_handshake
self._sslobj.do_handshake()
ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1045)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\requests\adapters.py", line 449, in send
timeout=timeout
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\urllib3\connectionpool.py", line 667, in urlopen
**response_kw)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\urllib3\connectionpool.py", line 667, in urlopen
**response_kw)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\urllib3\connectionpool.py", line 667, in urlopen
**response_kw)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\urllib3\connectionpool.py", line 638, in urlopen
_stacktrace=sys.exc_info()[2])
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\urllib3\util\retry.py", line 398, in increment
raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='waw-l01.ourdomain.com', port=443): Max retries exceeded with url: /_apis (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1045)')))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\msrest\universal_http\requests.py", line 137, in send
**kwargs)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\requests\sessions.py", line 533, in request
resp = self.send(prep, **send_kwargs)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\requests\sessions.py", line 646, in send
r = adapter.send(request, **kwargs)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\requests\adapters.py", line 514, in send
raise SSLError(e, request=request)
**requests.exceptions.SSLError: HTTPSConnectionPool(host='waw-l01.ourdomain.com', port=443): Max retries exceeded with url: /_apis (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1045)')))**
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\vsts\cli\team\common\credentials.py", line 42, in credential_set
location_client.get_connection_data()
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\vsts\location\v4_1\location_client.py", line 46, in get_connection_data
query_parameters=query_parameters)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\vsts\vss_client.py", line 72, in _send
query_parameters=query_parameters)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\vsts\vss_client.py", line 111, in _create_request_message
location = self._get_resource_location(location_id)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\vsts\vss_client.py", line 141, in _get_resource_location
VssClient._locations_cache[self.config.base_url] = self._get_resource_locations(all_host_types=False)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\vsts\vss_client.py", line 177, in _get_resource_locations
response = self._send_request(request, headers=headers)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\vsts\vss_client.py", line 60, in _send_request
content=content, **operation_config)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\msrest\service_client.py", line 219, in send
pipeline_response = self.config.pipeline.run(request, **kwargs)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\msrest\pipeline\__init__.py", line 197, in run
return first_node.send(pipeline_request, **kwargs) # type: ignore
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\msrest\pipeline\__init__.py", line 150, in send
response = self.next.send(request, **kwargs)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\msrest\pipeline\requests.py", line 72, in send
return self.next.send(request, **kwargs)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\msrest\pipeline\requests.py", line 137, in send
return self.next.send(request, **kwargs)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\msrest\pipeline\__init__.py", line 150, in send
response = self.next.send(request, **kwargs)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\msrest\pipeline\requests.py", line 193, in send
self.driver.send(request.http_request, **kwargs)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\msrest\universal_http\requests.py", line 328, in send
return super(RequestsHTTPSender, self).send(request, **requests_kwargs)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\msrest\universal_http\requests.py", line 140, in send
raise_with_traceback(ClientRequestError, msg, err)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\msrest\exceptions.py", line 51, in raise_with_traceback
raise error.with_traceback(exc_traceback)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\msrest\universal_http\requests.py", line 137, in send
**kwargs)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\requests\sessions.py", line 533, in request
resp = self.send(prep, **send_kwargs)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\requests\sessions.py", line 646, in send
r = adapter.send(request, **kwargs)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\requests\adapters.py", line 514, in send
raise SSLError(e, request=request)
**msrest.exceptions.ClientRequestError: Error occurred in request., SSLError: HTTPSConnectionPool(host='waw-l01.ourdomain.com', port=443): Max retries exceeded with url: /_apis (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1045)')))**
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\knack\cli.py", line 206, in invoke
cmd_result = self.invocation.execute(args)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\knack\invocation.py", line 188, in execute
cmd_result = parsed_args.func(params)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\knack\commands.py", line 105, in __call__
return self.handler(*args, **kwargs)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\knack\commands.py", line 212, in _command_handler
result = op(client, **command_args) if client else op(**command_args)
File "C:\Program Files (x86)\Microsoft SDKs\VSTS\CLI\lib\site-packages\vsts\cli\team\common\credentials.py", line 45, in credential_set
raise ValueError("Failed to authenticate using the supplied token.")
ValueError: Failed to authenticate using the supplied token.
Could you kindly validate it still works on Windows 10 Enterprise client PCs?
Perhaps it DOES NOT anymore and is related to this bug: urllib3/urllib3#1682?
We DID NOT do anything wrong in our opinion. Please remember kindly that we are using Windows 10 client PC. I am not biggest Certificate expert, but I think I have exported right pubkey from the server (I have tried both certs already in various combinations (alone and together) with no effect).
Could you kindly assist? Are we facing problem related to urllib3 issue I mentioned above? How to workaround it if so or when fix for vsts-cli could be expected?
This page https://docs.anaconda.com/anaconda/packages/py3.7_win-64/ tells me python 3.7.0 for Windows comes with urllib3 version 1.25.8 so if my reasoning is correct this urllib3 bug has been fixed in Python 3.7.4. Can you upgrade Python component and deliver working vsts-cli?
It is important to us to have a working vsts-cli with self-signed certificates (I know, I know we should not, but please it is important for us...)
Other users reported in Azure/azure-devops-cli-extension#76 that proposed solution no longer works. Perhaps it did work in *nix systems, but no in Windows?
The text was updated successfully, but these errors were encountered:
pprivately
changed the title
[Bug] vsts-cli tool does not work with (onprem) Azure DevOps Server 2019 SP1; *self-signed* certificate
[Bug] vsts-cli tool does not work with (onprem) Azure DevOps Server 2019 SP1.1; *self-signed* certificate
Apr 9, 2020
The vsts-cli was deprecated a few years ago and replaced by the Azure DevOps Extension for Azure CLI. You will want to switch to using their extension, and follow up with them if you have any issues.
General
We are running latest Azure DevOps Server 2019 SP1.1 utlizing latest Microsoft SQL Server 2019 (waw-tfs01 host running latest Windows Server 2019).
During software installation we have chosen option to generate self-signed certificate for Azure DevOps Server 2019 SP1.1 services and redirect HTTP traffic to HTTPS.
Everything went smoothly, we can easily use Azure DevOps Server services from HTTPS browser on client PC (Firefox in this case). Of course info about self-signed certificate appeared and we trusted cert by adding it as permanent exception on client PC (latest Windows 10 Enterprise 1909 with available security fixes, build 18363.752).
vsts-cli installation
On same client PC we have installed latest version of vsts-cli tool using chocolatey (
choco install vsts-cli
). It gave us preciesly:waw-tfs01 certificate extraction
We have extracted certificate from waw-tfs01 server using following Powershell cmdlets:
Powershell on waw-tfs01 (export cert as X.509 BASE64 encoded):
Cert looked fine:
Client PC setup
We have taken it to client PC and executed few commands.
We have created valid token in Azure DevOps Server 2019 and tried to use it with vsts.
Could you kindly validate it still works on Windows 10 Enterprise client PCs?
Perhaps it DOES NOT anymore and is related to this bug: urllib3/urllib3#1682?
We DID NOT do anything wrong in our opinion. Please remember kindly that we are using Windows 10 client PC. I am not biggest Certificate expert, but I think I have exported right pubkey from the server (I have tried both certs already in various combinations (alone and together) with no effect).
Could you kindly assist? Are we facing problem related to urllib3 issue I mentioned above? How to workaround it if so or when fix for vsts-cli could be expected?
This page https://docs.anaconda.com/anaconda/packages/py3.7_win-64/ tells me python 3.7.0 for Windows comes with urllib3 version 1.25.8 so if my reasoning is correct this urllib3 bug has been fixed in Python 3.7.4. Can you upgrade Python component and deliver working vsts-cli?
It is important to us to have a working vsts-cli with self-signed certificates (I know, I know we should not, but please it is important for us...)
Other users reported in Azure/azure-devops-cli-extension#76 that proposed solution no longer works. Perhaps it did work in *nix systems, but no in Windows?
The text was updated successfully, but these errors were encountered: