Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Disable TLS Certificate Check #334

Open
2 tasks
BoneyAz opened this issue Nov 27, 2023 · 3 comments
Open
2 tasks

Disable TLS Certificate Check #334

BoneyAz opened this issue Nov 27, 2023 · 3 comments
Labels
feature-request A feature should be added or improved. module/powershell-cmdlets p2 This is a standard priority issue queued

Comments

@BoneyAz
Copy link

BoneyAz commented Nov 27, 2023

Describe the feature

Issue previously reported and closed #89

Would like to include a feature to disable TLS certificate verification when using custom endpoints for AWS services. My use case is to use Powershell Tools against Snowball Edge services.

Use Case

I am attempting to use the AWS Tools for Powershell against AWS services running on Snowball edge. Some services such as IAM, EC2, STS etc. are enabled over both HTTP and HTTPS. The relevant powershell commands work against the HTTP endpoints, however my strong preference is to use HTTPS.

The new S3 Compatible service only offers HTTPS endpoints.

All HTTPS services on Snowball Edge are presented with the internally generated certificate AWS Snowball Edge - Managing public key certificates

Proposed Solution

Using the HTTPS endpoints with AWS CLI is possible by including the --no-verify-ssl parameter. Would it be possible to implement a similar common parameter in the AWS Tools for Powershell commands?

Other Information

No response

Acknowledgements

  • I may be able to implement this feature request
  • This feature might incur a breaking change

AWS Tools for PowerShell version used

AWS Tools for PowerShell
Version 4.1.456
Copyright 2012-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.

Amazon Web Services SDK for .NET
Core Runtime Version 3.7.300.5
Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.

PowerShell version used

Name Value

PSVersion 7.2.17
PSEdition Core
GitCommitId 7.2.17
OS Linux 6.4.16-linuxkit #1 SMP PREEMPT Thu Nov 16 10:49:20 UTC 2023
Platform Unix
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1
WSManStackVersion 3.0

Operating System and version

Debian 11
@BoneyAz BoneyAz added feature-request A feature should be added or improved. needs-triage This issue or PR still needs to be triaged. labels Nov 27, 2023
@ashishdhingra
Copy link
Contributor

Needs review with the team.

@ashishdhingra ashishdhingra added needs-review and removed needs-triage This issue or PR still needs to be triaged. labels Nov 27, 2023
@BoneyAz
Copy link
Author

BoneyAz commented Nov 28, 2023

I have found that adding the Snowball Edge certificate to the local certificate trust store enables some services such as IAM to work over HTTPS. However I would still prefer to disable TLS Validation at the command level without needing to modify certificates in the trust store.

@ashishdhingra ashishdhingra added p2 This is a standard priority issue queued and removed needs-review labels Dec 8, 2023
@msklv
Copy link

msklv commented Apr 28, 2024

Hey, everybody!
Also missing is a function to disable TLS certificate validation when working with S3 (e.g. Write-S3Object).
I will be very glad if this issue is solved.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature-request A feature should be added or improved. module/powershell-cmdlets p2 This is a standard priority issue queued
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@msklv @BoneyAz @ashishdhingra