azure-cli: Webapp:az webapp config ssl failing
This is autogenerated. Please review and update as needed.
Trying to add certificate to webapp using powershell but constantly failing at this error:
Command Name
az webapp config ssl upload
Errors:
[('PKCS12 routines', 'PKCS12_parse', 'mac verify failure')]
Traceback (most recent call last):
Temp\pip-unpacked-wheel-2q13h4sp\knack\cli.py, ln 215, in invoke
cli\core\commands\__init__.py, ln 654, in execute
cli\core\commands\__init__.py, ln 718, in _run_jobs_serially
cli\core\commands\__init__.py, ln 711, in _run_job
Local\Temp\pip-unpacked-wheel-39yzrobz\six.py, ln 703, in reraise
cli\core\commands\__init__.py, ln 688, in _run_job
...
Temp\pip-unpacked-wheel-15a0onnd\OpenSSL\crypto.py, ln 3067, in load_pkcs12
Temp\pip-unpacked-wheel-15a0onnd\OpenSSL\_util.py, ln 54, in exception_from_error_queue
OpenSSL.crypto.Error: [('PKCS12 routines', 'PKCS12_parse', 'mac verify failure')]
To Reproduce:
Steps to reproduce the behavior. Note that argument values have been redacted, as they may contain sensitive information.
- Put any pre-requisite steps here…
az webapp config ssl upload --certificate-file {} --certificate-password {} --name {} --resource-group {} --debug
Expected Behavior
Environment Summary
Windows-10-10.0.18362-SP0
Python 3.6.8
Installer: MSI
azure-cli 2.10.0 *
Additional Context
About this issue
- Original URL
- State: closed
- Created 4 years ago
- Comments: 15 (6 by maintainers)
Commits related to this issue
- fix #14729 — committed to StrawnSC/azure-cli by StrawnSC a year ago
- [App Service] Fix #14729: az webapp config ssl upload: Refine error handling for OpenSSL.crypto.Error when obtaining the certificate's thrumbprint failed (#25447) — committed to Azure/azure-cli by StrawnSC a year ago
- [App Service] Fix #14729: az webapp config ssl upload: Refine error handling for OpenSSL.crypto.Error when obtaining the certificate's thrumbprint failed (#25447) — committed to avgale/azure-cli by StrawnSC a year ago
Looks like this was the error we got when the password was incorrect. Fixing the password allowed the command to work. Would’ve been nice if the library gave some reasonable error instead of the stack trace. FYI - we saw this behavior on PS, command prompt and bash.