Fixing certificate errors while working behind Firewall

Zied
Oct 8, 2019

Please ensure you have network connection. Error detail: HTTPSConnectionPool(host='aka.ms', port=443): Max retries exceeded with url: /azure-cli-extension-index-v1 (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),))
error An unexpected error occurred: "https://registry.yarnpkg.com/<package name>: self signed certificate in certificate chain".
npm ERR! code SELF_SIGNED_CERT_IN_CHAIN
npm ERR! errno SELF_SIGNED_CERT_IN_CHAIN
npm ERR! request to https://registry.npmjs.org/<package name> failed, reason: self signed certificate in certificate chain
WARNING: Retrying (Retry(total=0, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1108)'))': /simple/py7zr/
Could not fetch URL https://pypi.org/simple/py7zr/: There was a problem confirming the ssl certificate:
HTTPSConnectionPool(host='pypi.org', port=443): Max retries exceeded with url: /simple/py7zr/ (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1108)'))) - skipping

When working on projects behind an SSL proxy, you may often encounter certificate verification errors like the ones above.

If you are already in production, you should add the certificate to your store or to some specific folder, depending on the tools you are using.

But to solve this error for dev/testing jobs, here is a compilation of workarounds for different situations.

NPM / Yarn

npm config set strict-ssl false
yarn config set "strict-ssl" false

Azure CLI

AZURE_CLI_DISABLE_CONNECTION_VERIFICATION=1

Python

pip config set global.trusted-host "pypi.python.org pypi.org files.pythonhosted.org"

PS: These workarounds shouldn't be used permanently or widely, because they bypass certificate validation altogether, and obviously that's not a good practice. The purpose of this article is to have a list of ways to work around this restriction while the security guys validate the use cases, which can take a while, sometimes :)
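The alternative mentioned at the top, trusting the proxy's certificate instead of switching verification off, as an added shell example (not part of the original article). The CA file path is a placeholder you supply, and the function names are made up for this sketch; the environment variables and config keys are the tools' own.

```shell
# Added example. Usage (path is an assumed placeholder):
#   use_corp_ca /path/to/corp-root-ca.pem

# Succeeds only if $1 is a readable file containing a PEM certificate.
is_pem_cert() {
    [ -r "$1" ] && grep -q -- '-----BEGIN CERTIFICATE-----' "$1"
}

# Point each tool at the proxy's root CA for the current shell session.
# Behind an intercepting proxy every chain ends at that root; if some
# traffic bypasses the proxy, use a bundle that also holds the public roots.
use_corp_ca() {
    ca="$1"
    if ! is_pem_cert "$ca"; then
        echo "not a readable PEM certificate: $ca" >&2
        return 1
    fi
    # Drop the Azure CLI bypass if it was set in this session.
    unset AZURE_CLI_DISABLE_CONNECTION_VERIFICATION
    export REQUESTS_CA_BUNDLE="$ca"    # Azure CLI (Python requests)
    export PIP_CERT="$ca"              # pip, same as --cert
    export NODE_EXTRA_CA_CERTS="$ca"   # Node.js runtime (npm and yarn run on it)
    export npm_config_cafile="$ca"     # npm "cafile" setting
}

# Undo the persistent workarounds once the CA is trusted.
restore_verification() {
    if command -v npm >/dev/null 2>&1; then
        npm config set strict-ssl true
    fi
    if command -v yarn >/dev/null 2>&1; then
        yarn config set strict-ssl true
    fi
    if command -v pip >/dev/null 2>&1; then
        pip config unset global.trusted-host || true   # may not be set
    fi
}
```

`use_corp_ca` only changes the current session, so nothing persists if the CA file is later rotated; `restore_verification` edits the tools' saved configuration.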
