Deploy script fails to trust AWS CA TLS certificate

The deploy script fails with error:

Failed to authenticate with PrivX: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get issuer certificate (_ssl.c:1108)

Circumstances
The PrivX instance is running in Amazon and the TLS certificate is provided by AWS CA (e.g. using AWS ALB).

Solution
Prepend Amazon Root CA certificate to the trust anchor certificate chain.
Run /opt/privx/scripts/init_nginx.sh update-trust /path/to/ca_chain.crt
Restart PrivX service
Re-download the deploy script and try again


Did this page help you?