Deploy Script Fails to Trust AWS CA TLS Certificate
The deploy script fails with the following error:
Failed to authenticate with PrivX: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get issuer certificate (_ssl.c:1108)
This typically occurs when your PrivX instance is running on Amazon Web Services (AWS) and the TLS certificate is issued by the AWS Certificate Authority (for example, via AWS Application Load Balancer).
Potential Solution
Download the Amazon Root CA certificate.
Prepend the Amazon Root CA to your certificate chain file.
Update the trust anchor by running:
/opt/privx/scripts/init_nginx.sh update-trust /path/to/ca_chain.crt
Restart the PrivX service.
Re-download the deploy script and try again.