SSL Error #316
-
|
Hello team I am building a Lambda function with latest PowerShell runtime, the function is connected to a VPC. We have Palo Altos in the network and all the traffic passes through firewalls. There is SSL Decrypt in place. When executing the lambda when its not connected to VPC it runs successfully but when executing it while its connected to VPC I am getting below error. Is there a way to add the root CA in the layers so that the functions runs successfully? "InnerException": "System.Security.Authentication.AuthenticationException: The remote certificate is invalid because of errors in the certificate chain: UntrustedRoot\n at System.Net.Security.SslStream.SendAuthResetSignal(ProtocolToken message, ExceptionDispatchInfo exception)\n at System.Net.Security.SslStream.CompleteHandshake(SslAuthenticationOptions sslAuthenticationOptions)\n at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](TIOAdapter adapter, Boolean receiveFirst, Byte[] reAuthenticationData, Boolean isApm)\n at System.Net.Http.ConnectHelper.EstablishSslConnectionAsync(SslClientAuthenticationOptions sslOptions, HttpRequestMessage request, Boolean async, Stream stream, CancellationToken cancellationToken)", Thanks |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments
-
|
I was able to get around the problem by creating an additional layer with the root CA and adding the environment variable SSL_CERT_FILE with value pointing to the certificate file which gets mounted to /opt as part of the certificate layer. |
Beta Was this translation helpful? Give feedback.
-
|
Hello! Reopening this discussion to make it searchable. |
Beta Was this translation helpful? Give feedback.
I was able to get around the problem by creating an additional layer with the root CA and adding the environment variable SSL_CERT_FILE with value pointing to the certificate file which gets mounted to /opt as part of the certificate layer.