Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Initial aws-adfs login fails due to connection forcibly closed #390

Open
maxsolo96 opened this issue Jun 22, 2023 · 1 comment
Open

Initial aws-adfs login fails due to connection forcibly closed #390

maxsolo96 opened this issue Jun 22, 2023 · 1 comment
Labels
help wanted question

Comments

@maxsolo96
Copy link

I installed the tool using pip on Windows Server 2012R2.
Executing the following command:

aws-adfs login --adfs-host=<adfs-hostname>

results with the following error code:

`Traceback (most recent call last):
  File "c:\users\user1\appdata\local\programs\python\python38\lib\site-packages\urllib3\connectionpool.py", line 714,
in urlopen
    httplib_response = self._make_request(
  File "c:\users\user1\appdata\local\programs\python\python38\lib\site-packages\urllib3\connectionpool.py", line 403,
in _make_request
    self._validate_conn(conn)
  File "c:\users\user1\appdata\local\programs\python\python38\lib\site-packages\urllib3\connectionpool.py", line 1053,
 in _validate_conn
    conn.connect()
  File "c:\users\user1\appdata\local\programs\python\python38\lib\site-packages\urllib3\connection.py", line 419, in c
onnect
    self.sock = ssl_wrap_socket(
  File "c:\users\user1\appdata\local\programs\python\python38\lib\site-packages\urllib3\util\ssl_.py", line 449, in ss
l_wrap_socket
    ssl_sock = _ssl_wrap_socket_impl(
  File "c:\users\user1\appdata\local\programs\python\python38\lib\site-packages\urllib3\util\ssl_.py", line 493, in _s
sl_wrap_socket_impl
    return ssl_context.wrap_socket(sock, server_hostname=server_hostname)
  File "c:\users\user1\appdata\local\programs\python\python38\lib\ssl.py", line 500, in wrap_socket
    return self.sslsocket_class._create(
  File "c:\users\user1\appdata\local\programs\python\python38\lib\ssl.py", line 1040, in _create
    self.do_handshake()
  File "c:\users\user1\appdata\local\programs\python\python38\lib\ssl.py", line 1309, in do_handshake
    self._sslobj.do_handshake()
ConnectionResetError: [WinError 10054] An existing connection was forcibly closed by the remote host`

Tried adding username and password flags as well but it was futile.
Is there something I am missing?
@mattmauriello
Copy link
Contributor

A bit late to respond here, but based on the log im guessing your SSL handshake is failing. if your ADFS host is using a Certificate issued by a corporate internal CA, the libraries that aws-adfs is using for SSL likely do not include it in their trust store. I had this issue not for ADFS, but when connecting out for MFA. I had to add the targets CA certificate to the site-packages/certifi/cacert.pem file under the aws-adfs VirtualEnv to overcome that issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
help wanted question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@pdecat @mattmauriello @maxsolo96