Troubleshooting for AWS S3¶
SSL: CERTIFICATE_VERIFY_FAILED Error in AWS CLI¶
Perform the follwoing steps to resolve the SSL: CERTIFICATE_VERIFY_FAILED error encountered while using the AWS CLI.
- Install certifi for your operating system:
- For Ubuntu:
Bash - For macOS:
Bash
- For Ubuntu:
- Run the following command to locate the
cacert.pemfile.This command will display the full path of theBash cacert.pemfile. Copy this path for use in the following step. - Open the
privacera_aws.shfile.Bash - Locate the variable named
PYTHON_DEFAULT_CACERT_FILEwithin the script.Bash - Update the variable value by replacing
<location>/cacert.pemwith the copied path to yourcacert.pemfile obtained in the preceding step.
- Locate the variable named
- Run the following command to disable the endpoint:
Bash - Subsequently, run the following command enable the endpoint:
Bash - Run AWS CLI commands.
Proxy Authentication Required error in AWS CLI¶
If you encounter the error An error occurred (407) when calling the ListObjectsV2 operation: Proxy Authentication Required or Unable to locate credentials, perform following steps:
- Unset AWS_DEFAULT_PROFILE:
- Ensure that the
AWS_DEFAULT_PROFILEenvironment variable is unset. This can prevent conflicts with default AWS CLI profiles. - To unset the variable, use the following command:
Bash
- Ensure that the
- Additional Checks:
- Permissions:
- Verify that the necessary permissions are granted for the operation. Check the audits to see if permission was denied. If so, create the required policy to grant access.
- Privacera Tokens:
- Ensure that the Privacera Access Token and Privacera Secret Token used in your privacera_aws.sh file are correctly configured. These tokens are crucial for authenticating with Privacera services.
- Permissions:
- Prev topic: Advanced Configuration