Deploy script fails to trust AWS CA TLS certificate

The deploy script fails with error:

Failed to authenticate with PrivX: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get issuer certificate (_ssl.c:1108)

The PrivX instance is running in Amazon and the TLS certificate is provided by AWS CA (e.g. using AWS ALB).

Prepend Amazon Root CA certificate to the trust anchor certificate chain.
Run /opt/privx/scripts/ update-trust /path/to/ca_chain.crt
Restart PrivX service
Re-download the deploy script and try again

Was this page helpful?