I’m running Terraform Installer Tool task from Azure DevOps pipeline and starting to get the following errors.
Getting latest Terraform version.
Unable to get latest version: using 1.1.6
Downloading: https://releases.hashicorp.com/terraform/1.1.6/terraform_1.1.6_linux_amd64.zip
##[error]Error: Failed to download Terraform from url https://releases.hashicorp.com/terraform/1.1.6/terraform_1.1.6_linux_amd64.zip. Error Error: self signed certificate in certificate chain
at TLSSocket.onConnectSecure (node:_tls_wrap:1539:34)
at TLSSocket.emit (node:events:513:28)
at TLSSocket._finishInit (node:_tls_wrap:953:8)
at TLSWrap.ssl.onhandshakedone (node:_tls_wrap:734:12) {
code: ‘SELF_SIGNED_CERT_IN_CHAIN’
}
Any help would be greatly appreciated!
Hi @devopsdude12,
It seems that there’s some third-party software dealing with this download, but I recognize this error message as one that OpenSSL returns when a server tries to authenticate itself using a self-signed certificate.
The certificate on the real releases.hashicorp.com is not self-signed; currently, it’s a certificate issued by Amazon’s CA because that service is hosted on Amazon Web Services.
That suggests to me that your client is not connecting to the “real” releases.hashicorp.com, but I can’t explain why that would be. One scenario which causes symptoms like this is when a network is configured to force HTTPS connections through some kind of middlebox that tries to use its own key and certificate so it can access the encrypted data inside the channel, which assumes that clients are configured to trust that certificate. However, I would expect that if that were true for you then you’d know about it already, particularly if you are running Terraform in a worker provided by Azure DevOps.