Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ssl.SSLEOFError: EOF occurred in violation of protocol (_ssl.c:1056) when listing certificates #5773

Closed
blkwinds opened this issue Dec 1, 2020 · 3 comments
Closed

ssl.SSLEOFError: EOF occurred in violation of protocol (_ssl.c:1056) when listing certificates #5773

blkwinds opened this issue Dec 1, 2020 · 3 comments
Labels
closed-for-staleness guidance Question that needs advice or information.

Comments

@blkwinds
Copy link

blkwinds commented Dec 1, 2020

Confirm by changing [ ] to [x] below to ensure that it's a bug:

Describe the bug
I did run "aws acm list-certificates --region=us-west-2 --no-verify-ssl --output text --debug" with aws cli 2.1.1 and get the following error. With aws 2.0.54, everything works well.

...
2020-11-30 22:59:26,683 - MainThread - botocore.endpoint - DEBUG - Exception received when sending HTTP request.
Traceback (most recent call last):
File "urllib3/connectionpool.py", line 696, in urlopen
File "urllib3/connectionpool.py", line 964, in prepare_proxy
File "urllib3/connection.py", line 359, in connect
File "urllib3/connection.py", line 502, in connect_tls_proxy
File "urllib3/util/ssl.py", line 421, in ssl_wrap_socket
File "urllib3/util/ssl.py", line 464, in _ssl_wrap_socket_impl
File "ssl.py", line 412, in wrap_socket
File "ssl.py", line 853, in _create
File "ssl.py", line 1117, in do_handshake
ssl.SSLEOFError: EOF occurred in violation of protocol (_ssl.c:1056)
...

SDK version number
N/A

Platform/OS/Hardware/Device
Redhat 7.9 ec2 instance

To Reproduce (observed behavior)
aws acm list-certificates --region=us-west-2 --no-verify-ssl --output text --debug

Expected behavior
certificates should be listed out.

Logs/output
root@ip-10-17-10-187 bin]# aws acm list-certificates --region=us-west-2 --no-verify-ssl --output text --debug
2020-12-01 09:37:22,228 - MainThread - awscli.clidriver - DEBUG - CLI version: aws-cli/2.1.1 Python/3.7.3 Linux/3.10.0-1160.6.1.el7.x86_64 exe/x86_64.rhel.7
2020-12-01 09:37:22,228 - MainThread - awscli.clidriver - DEBUG - Arguments entered to CLI: ['acm', 'list-certificates', '--region=us-west-2', '--no-verify-ssl', '--output', 'text', '--debug']
2020-12-01 09:37:22,239 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <functionadd_s3 at 0x2b864fb4cc80>
2020-12-01 09:37:22,239 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <functionadd_ddb at 0x2b864f9ce9d8>
2020-12-01 09:37:22,239 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <bound method BasicCommand.add_command of <class 'awscli.customizations.configure.configure.ConfigureCommand'>>
2020-12-01 09:37:22,240 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <functionchange_name at 0x2b864f978598>
2020-12-01 09:37:22,240 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <functionchange_name at 0x2b864f981598>
2020-12-01 09:37:22,240 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <functionalias_opsworks_cm at 0x2b864fb5e400>
2020-12-01 09:37:22,240 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <functionadd_history_commands at 0x2b864fa170d0>
2020-12-01 09:37:22,240 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <bound method BasicCommand.add_command of <class 'awscli.customizations.devcommands.CLIDevCommand'>>
2020-12-01 09:37:22,240 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <functionadd_waiters at 0x2b864fb536a8>
2020-12-01 09:37:22,240 - MainThread - botocore.loaders - DEBUG - Loading JSON file: /usr/local/aws-cli/v2/2.1.1/dist/awscli/data/cli.json
2020-12-01 09:37:22,242 - MainThread - botocore.hooks - DEBUG - Event top-level-args-parsed: calling handler <function resolve_types at 0x2b864fabfea0>
2020-12-01 09:37:22,243 - MainThread - botocore.hooks - DEBUG - Event top-level-args-parsed: calling handler <function no_sign_request at 0x2b864fac11e0>
2020-12-01 09:37:22,243 - MainThread - botocore.hooks - DEBUG - Event top-level-args-parsed: calling handler <function resolve_verify_ssl at 0x2b864fac1158>
2020-12-01 09:37:22,243 - MainThread - botocore.hooks - DEBUG - Event top-level-args-parsed: calling handler <function resolve_cli_read_timeout at 0x2b864fac12f0>
2020-12-01 09:37:22,243 - MainThread - botocore.hooks - DEBUG - Event top-level-args-parsed: calling handler <function resolve_cli_connect_timeout at 0x2b864fac1268>
2020-12-01 09:37:22,243 - MainThread - botocore.hooks - DEBUG - Event top-level-args-parsed: calling handler <built-in method update of dict object at 0x2b864fbd2ea0>
2020-12-01 09:37:22,243 - MainThread - botocore.session - DEBUG - Setting config variable for region to 'us-west-2'
2020-12-01 09:37:22,243 - MainThread - awscli.clidriver - DEBUG - CLI version: aws-cli/2.1.1 Python/3.7.3 Linux/3.10.0-1160.6.1.el7.x86_64 exe/x86_64.rhel.7
2020-12-01 09:37:22,243 - MainThread - awscli.clidriver - DEBUG - Arguments entered to CLI: ['acm', 'list-certificates', '--region=us-west-2', '--no-verify-ssl', '--output', 'text', '--debug']
2020-12-01 09:37:22,243 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function add_timestamp_parser at 0x2b864faf5268>
2020-12-01 09:37:22,243 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function register_uri_param_handler at 0x2b864f567510>
2020-12-01 09:37:22,244 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function add_binary_formatter at 0x2b864fb90f28>
2020-12-01 09:37:22,244 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function no_pager_handler at 0x2b864f562bf8>
2020-12-01 09:37:22,244 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function inject_assume_role_provider_cache at 0x2b864f5c4ae8>
2020-12-01 09:37:22,245 - MainThread - botocore.utils - DEBUG - IMDS ENDPOINT: http://169.254.169.254/
2020-12-01 09:37:22,247 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function attach_history_handler at 0x2b864fa14f28>
2020-12-01 09:37:22,247 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function inject_json_file_cache at 0x2b864f9cb950>
2020-12-01 09:37:22,257 - MainThread - botocore.loaders - DEBUG - Loading JSON file: /usr/local/aws-cli/v2/2.1.1/dist/botocore/data/acm/2015-12-08/service-2.json
2020-12-01 09:37:22,260 - MainThread - botocore.hooks - DEBUG - Event building-command-table.acm: calling handler <function add_waiters at 0x2b864fb536a8>
2020-12-01 09:37:22,270 - MainThread - botocore.loaders - DEBUG - Loading JSON file: /usr/local/aws-cli/v2/2.1.1/dist/botocore/data/acm/2015-12-08/waiters-2.json
2020-12-01 09:37:22,271 - MainThread - awscli.clidriver - DEBUG - OrderedDict([('certificate-statuses', <awscli.arguments.ListArgument object at 0x2b864fc7f358>), ('includes', <awscli.arguments.CLIArgument object at 0x2b864fc87470>), ('next-token', <awscli.arguments.CLIArgument object at 0x2b864fc874a8>), ('max-items', <awscli.arguments.CLIArgument object at 0x2b864fc874e0>)])
2020-12-01 09:37:22,271 - MainThread - botocore.hooks - DEBUG - Event building-argument-table.acm.list-certificates: callinghandler <function add_streaming_output_arg at 0x2b864faf5510>
2020-12-01 09:37:22,271 - MainThread - botocore.hooks - DEBUG - Event building-argument-table.acm.list-certificates: callinghandler <function add_cli_input_json at 0x2b864f5cb378>
2020-12-01 09:37:22,271 - MainThread - botocore.hooks - DEBUG - Event building-argument-table.acm.list-certificates: callinghandler <function add_cli_input_yaml at 0x2b864f5cb9d8>
2020-12-01 09:37:22,271 - MainThread - botocore.hooks - DEBUG - Event building-argument-table.acm.list-certificates: callinghandler <function unify_paging_params at 0x2b864f9da0d0>
2020-12-01 09:37:22,281 - MainThread - botocore.loaders - DEBUG - Loading JSON file: /usr/local/aws-cli/v2/2.1.1/dist/botocore/data/acm/2015-12-08/paginators-1.json
2020-12-01 09:37:22,282 - MainThread - awscli.customizations.paginate - DEBUG - Modifying paging parameters for operation: ListCertificates
2020-12-01 09:37:22,282 - MainThread - botocore.hooks - DEBUG - Event building-argument-table.acm.list-certificates: callinghandler <function add_generate_skeleton at 0x2b864faaebf8>
2020-12-01 09:37:22,282 - MainThread - botocore.hooks - DEBUG - Event before-building-argument-table-parser.acm.list-certificates: calling handler <bound method OverrideRequiredArgsArgument.override_required_args of <awscli.customizations.cliinput.CliInputJSONArgument object at 0x2b864fc87550>>
2020-12-01 09:37:22,282 - MainThread - botocore.hooks - DEBUG - Event before-building-argument-table-parser.acm.list-certificates: calling handler <bound method OverrideRequiredArgsArgument.override_required_args of <awscli.customizations.cliinput.CliInputYAMLArgument object at 0x2b864fc87588>>
2020-12-01 09:37:22,282 - MainThread - botocore.hooks - DEBUG - Event before-building-argument-table-parser.acm.list-certificates: calling handler <bound method GenerateCliSkeletonArgument.override_required_args of <awscli.customizations.generatecliskeleton.GenerateCliSkeletonArgument object at 0x2b864fc87898>>
2020-12-01 09:37:22,283 - MainThread - botocore.hooks - DEBUG - Event operation-args-parsed.acm.list-certificates: calling handler functools.partial(<function check_should_enable_pagination at 0x2b864f9da1e0>, ['next-token', 'max-items'], {'max-items': <awscli.arguments.CLIArgument object at 0x2b864fc874e0>}, OrderedDict([('certificate-statuses', <awscli.arguments.ListArgument object at 0x2b864fc7f358>), ('includes', <awscli.arguments.CLIArgument object at 0x2b864fc87470>), ('next-token', <awscli.arguments.CLIArgument object at 0x2b864fc874a8>), ('max-items', <awscli.customizations.paginate.PageArgument object at 0x2b864fc877f0>), ('cli-input-json', <awscli.customizations.cliinput.CliInputJSONArgument object at 0x2b864fc87550>), ('cli-input-yaml', <awscli.customizations.cliinput.CliInputYAMLArgument object at 0x2b864fc87588>), ('starting-token', <awscli.customizations.paginate.PageArgument object at 0x2b864fc87748>), ('page-size', <awscli.customizations.paginate.PageArgument object at0x2b864fc87710>), ('generate-cli-skeleton', <awscli.customizations.generatecliskeleton.GenerateCliSkeletonArgument object at0x2b864fc87898>)]))
2020-12-01 09:37:22,283 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.acm.list-certificates.certificate-statuses: calling handler <awscli.paramfile.URIArgumentHandler object at 0x2b864fc19fd0>
2020-12-01 09:37:22,283 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.acm.list-certificates.includes: calling handler <awscli.paramfile.URIArgumentHandler object at 0x2b864fc19fd0>
2020-12-01 09:37:22,283 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.acm.list-certificates.next-token: callinghandler <awscli.paramfile.URIArgumentHandler object at 0x2b864fc19fd0>
2020-12-01 09:37:22,283 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.acm.list-certificates.max-items: calling handler <awscli.paramfile.URIArgumentHandler object at 0x2b864fc19fd0>
2020-12-01 09:37:22,283 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.acm.list-certificates.cli-input-json: calling handler <awscli.paramfile.URIArgumentHandler object at 0x2b864fc19fd0>
2020-12-01 09:37:22,283 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.acm.list-certificates.cli-input-yaml: calling handler <awscli.paramfile.URIArgumentHandler object at 0x2b864fc19fd0>
2020-12-01 09:37:22,283 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.acm.list-certificates.starting-token: calling handler <awscli.paramfile.URIArgumentHandler object at 0x2b864fc19fd0>
2020-12-01 09:37:22,283 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.acm.list-certificates.page-size: calling handler <awscli.paramfile.URIArgumentHandler object at 0x2b864fc19fd0>
2020-12-01 09:37:22,283 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.acm.list-certificates.generate-cli-skeleton: calling handler <awscli.paramfile.URIArgumentHandler object at 0x2b864fc19fd0>
2020-12-01 09:37:22,283 - MainThread - botocore.hooks - DEBUG - Event calling-command.acm.list-certificates: calling handler<bound method CliInputArgument.add_to_call_parameters of <awscli.customizations.cliinput.CliInputJSONArgument object at 0x2b864fc87550>>
2020-12-01 09:37:22,283 - MainThread - botocore.hooks - DEBUG - Event calling-command.acm.list-certificates: calling handler<bound method CliInputArgument.add_to_call_parameters of <awscli.customizations.cliinput.CliInputYAMLArgument object at 0x2b864fc87588>>
2020-12-01 09:37:22,283 - MainThread - botocore.hooks - DEBUG - Event calling-command.acm.list-certificates: calling handler<bound method GenerateCliSkeletonArgument.generate_skeleton of <awscli.customizations.generatecliskeleton.GenerateCliSkeletonArgument object at 0x2b864fc87898>>
2020-12-01 09:37:22,284 - MainThread - botocore.hooks - DEBUG - Event calling-command.acm.list-certificates: calling handlerfunctools.partial(<function check_should_enable_pagination_call_parameters at 0x2b864f9da598>, ['NextToken', 'MaxItems'])
2020-12-01 09:37:22,284 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: env
2020-12-01 09:37:22,284 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: assume-role
2020-12-01 09:37:22,284 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: assume-role-with-web-identity
2020-12-01 09:37:22,284 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: sso
2020-12-01 09:37:22,284 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: shared-credentials-file
2020-12-01 09:37:22,284 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: custom-process
2020-12-01 09:37:22,284 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: config-file
2020-12-01 09:37:22,284 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: ec2-credentials-file
2020-12-01 09:37:22,284 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: boto-config
2020-12-01 09:37:22,284 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: container-role
2020-12-01 09:37:22,284 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: iam-role
2020-12-01 09:37:22,285 - MainThread - urllib3.connectionpool - DEBUG - Starting new HTTP connection (1): 169.254.169.254:80
2020-12-01 09:37:22,288 - MainThread - urllib3.connectionpool - DEBUG - http://169.254.169.254:80 "PUT /latest/api/token HTTP/1.1" 200 56
2020-12-01 09:37:22,288 - MainThread - urllib3.connectionpool - DEBUG - Resetting dropped connection: 169.254.169.254
2020-12-01 09:37:22,289 - MainThread - urllib3.connectionpool - DEBUG - http://169.254.169.254:80 "GET /latest/meta-data/iam/security-credentials/ HTTP/1.1" 200 15
2020-12-01 09:37:22,290 - MainThread - urllib3.connectionpool - DEBUG - Resetting dropped connection: 169.254.169.254
2020-12-01 09:37:22,290 - MainThread - urllib3.connectionpool - DEBUG - http://169.254.169.254:80 "GET /latest/meta-data/iam/security-credentials/cognos_iam_role HTTP/1.1" 200 1310
2020-12-01 09:37:22,291 - MainThread - botocore.credentials - DEBUG - Found credentials from IAM Role: cognos_iam_role
2020-12-01 09:37:22,291 - MainThread - botocore.loaders - DEBUG - Loading JSON file: /usr/local/aws-cli/v2/2.1.1/dist/botocore/data/endpoints.json
2020-12-01 09:37:22,297 - MainThread - botocore.hooks - DEBUG - Event choose-service-name: calling handler <function handle_service_name_alias at 0x2b864e1c1598>
2020-12-01 09:37:22,297 - MainThread - botocore.hooks - DEBUG - Event creating-client-class.acm: calling handler <function add_generate_presigned_url at 0x2b864e1779d8>
2020-12-01 09:37:22,302 - MainThread - botocore.endpoint - DEBUG - Setting acm timeout as (60, 60)
2020-12-01 09:37:22,306 - MainThread - botocore.hooks - DEBUG - Event provide-client-params.acm.ListCertificates: calling handler <function base64_decode_input_blobs at 0x2b864fb8f6a8>
2020-12-01 09:37:22,307 - MainThread - botocore.hooks - DEBUG - Event before-parameter-build.acm.ListCertificates: calling handler <function generate_idempotent_uuid at 0x2b864e1e6400>
2020-12-01 09:37:22,307 - MainThread - botocore.hooks - DEBUG - Event before-call.acm.ListCertificates: calling handler <function inject_api_version_header_if_needed at 0x2b864e1e7b70>
2020-12-01 09:37:22,307 - MainThread - botocore.endpoint - DEBUG - Making request for OperationModel(name=ListCertificates) with params: {'url_path': '/', 'query_string': '', 'method': 'POST', 'headers': {'X-Amz-Target': 'CertificateManager.ListCertificates', 'Content-Type': 'application/x-amz-json-1.1', 'User-Agent': 'aws-cli/2.1.1 Python/3.7.3 Linux/3.10.0-1160.6.1.el7.x86_64 exe/x86_64.rhel.7 command/acm.list-certificates'}, 'body': b'{}', 'url': 'https://acm.us-west-2.amazonaws.com/', 'context': {'client_region': 'us-west-2', 'client_config': <botocore.config.Config object at 0x2b864fed08d0>, 'has_streaming_input': False, 'auth_type': None}}
2020-12-01 09:37:22,307 - MainThread - botocore.hooks - DEBUG - Event request-created.acm.ListCertificates: calling handler <bound method RequestSigner.handler of <botocore.signers.RequestSigner object at 0x2b864fed0860>>
2020-12-01 09:37:22,307 - MainThread - botocore.hooks - DEBUG - Event choose-signer.acm.ListCertificates: calling handler <function set_operation_specific_signer at 0x2b864e1e62f0>
2020-12-01 09:37:22,308 - MainThread - botocore.auth - DEBUG - Calculating signature using v4 auth.
2020-12-01 09:37:22,308 - MainThread - botocore.auth - DEBUG - CanonicalRequest:
POST
/

content-type:application/x-amz-json-1.1
host:acm.us-west-2.amazonaws.com
x-amz-date:20201201T093722Z
x-amz-security-token:[......]
x-amz-target:CertificateManager.ListCertificates

content-type;host;x-amz-date;x-amz-security-token;x-amz-target
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
2020-12-01 09:37:22,308 - MainThread - botocore.auth - DEBUG - StringToSign:
AWS4-HMAC-SHA256
20201201T093722Z
20201201/us-west-2/acm/aws4_request
172f4d62656baa6f4a83e414f38eb5473c9ab7b868fb18d900c3b83357b5b3f4
2020-12-01 09:37:22,308 - MainThread - botocore.auth - DEBUG - Signature:
c11c50936f0ac5b46107425358927216afc7a514c63dd46a8d3e7348d70a01cf
2020-12-01 09:37:22,308 - MainThread - botocore.endpoint - DEBUG - Sending http request: <AWSPreparedRequest stream_output=False, method=POST, url=https://acm.us-west-2.amazonaws.com/, headers={'X-Amz-Target': b'CertificateManager.ListCertificates','Content-Type': b'application/x-amz-json-1.1', 'User-Agent': b'aws-cli/2.1.1 Python/3.7.3 Linux/3.10.0-1160.6.1.el7.x86_64 exe/x86_64.rhel.7 command/acm.list-certificates', 'X-Amz-Date': b'20201201T093722Z', 'X-Amz-Security-Token':......', 'Authorization': b'...', 'Content-Length': '2'}>
2020-12-01 09:37:22,309 - MainThread - urllib3.connectionpool - DEBUG - Starting new HTTPS connection (1): acm.us-west-2.amazonaws.com:443
2020-12-01 09:37:22,316 - MainThread - botocore.endpoint - DEBUG - Exception received when sending HTTP request.
Traceback (most recent call last):
File "urllib3/connectionpool.py", line 696, in urlopen
File "urllib3/connectionpool.py", line 964, in prepare_proxy
File "urllib3/connection.py", line 359, in connect
File "urllib3/connection.py", line 502, in connect_tls_proxy
File "urllib3/util/ssl.py", line 421, in ssl_wrap_socket
File "urllib3/util/ssl.py", line 464, in _ssl_wrap_socket_impl
File "ssl.py", line 412, in wrap_socket
File "ssl.py", line 853, in _create
File "ssl.py", line 1117, in do_handshake
ssl.SSLEOFError: EOF occurred in violation of protocol (_ssl.c:1056)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "botocore/httpsession.py", line 263, in send
File "urllib3/connectionpool.py", line 756, in urlopen
File "urllib3/util/retry.py", line 506, in increment
File "urllib3/packages/six.py", line 734, in reraise
File "urllib3/connectionpool.py", line 696, in urlopen
File "urllib3/connectionpool.py", line 964, in prepare_proxy
File "urllib3/connection.py", line 359, in connect
File "urllib3/connection.py", line 502, in connect_tls_proxy
File "urllib3/util/ssl.py", line 421, in ssl_wrap_socket
File "urllib3/util/ssl.py", line 464, in _ssl_wrap_socket_impl
File "ssl.py", line 412, in wrap_socket
File "ssl.py", line 853, in _create
File "ssl.py", line 1117, in do_handshake
urllib3.exceptions.SSLError: EOF occurred in violation of protocol (_ssl.c:1056)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "botocore/endpoint.py", line 200, in _do_get_response
File "botocore/endpoint.py", line 269, in _send
File "botocore/httpsession.py", line 281, in send
botocore.exceptions.SSLError: SSL validation failed for https://acm.us-west-2.amazonaws.com/ EOF occurred in violation of protocol (_ssl.c:1056)
2020-12-01 09:37:22,317 - MainThread - botocore.hooks - DEBUG - Event needs-retry.acm.ListCertificates: calling handler <bound method RetryHandler.needs_retry of <botocore.retries.standard.RetryHandler object at 0x2b864ff290f0>>
2020-12-01 09:37:22,317 - MainThread - botocore.retries.standard - DEBUG - Retry needed, retrying request after delay of: 0.43173698393601057
2020-12-01 09:37:22,317 - MainThread - botocore.endpoint - DEBUG - Response received to retry, sleeping for 0.43173698393601057 seconds
2020-12-01 09:37:22,749 - MainThread - botocore.hooks - DEBUG - Event request-created.acm.ListCertificates: calling handler <bound method RequestSigner.handler of <botocore.signers.RequestSigner object at 0x2b864fed0860>>
2020-12-01 09:37:22,749 - MainThread - botocore.hooks - DEBUG - Event choose-signer.acm.ListCertificates: calling handler <function set_operation_specific_signer at 0x2b864e1e62f0>
2020-12-01 09:37:22,750 - MainThread - botocore.auth - DEBUG - Calculating signature using v4 auth.
2020-12-01 09:37:22,750 - MainThread - botocore.auth - DEBUG - CanonicalRequest:
POST
/

content-type:application/x-amz-json-1.1
host:acm.us-west-2.amazonaws.com
x-amz-date:20201201T093722Z
x-amz-security-token:[......]
x-amz-target:CertificateManager.ListCertificates

content-type;host;x-amz-date;x-amz-security-token;x-amz-target
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
2020-12-01 09:37:22,750 - MainThread - botocore.auth - DEBUG - StringToSign:
AWS4-HMAC-SHA256
20201201T093722Z
20201201/us-west-2/acm/aws4_request
172f4d62656baa6f4a83e414f38eb5473c9ab7b868fb18d900c3b83357b5b3f4
2020-12-01 09:37:22,750 - MainThread - botocore.auth - DEBUG - Signature:
c11c50936f0ac5b46107425358927216afc7a514c63dd46a8d3e7348d70a01cf
2020-12-01 09:37:22,750 - MainThread - botocore.endpoint - DEBUG - Sending http request: <AWSPreparedRequest stream_output=False, method=POST, url=https://acm.us-west-2.amazonaws.com/, headers={'X-Amz-Target': b'CertificateManager.ListCertificates','Content-Type': b'application/x-amz-json-1.1', 'User-Agent': b'aws-cli/2.1.1 Python/3.7.3 Linux/3.10.0-1160.6.1.el7.x86_64 exe/x86_64.rhel.7 command/acm.list-certificates', 'X-Amz-Date': b'20201201T093722Z', 'X-Amz-Security-Token': b'......', 'Authorization': b'...', 'Content-Length': '2'}>
2020-12-01 09:37:22,750 - MainThread - urllib3.connectionpool - DEBUG - Starting new HTTPS connection (2): acm.us-west-2.amazonaws.com:443
2020-12-01 09:37:22,753 - MainThread - botocore.endpoint - DEBUG - Exception received when sending HTTP request.
Traceback (most recent call last):
File "urllib3/connectionpool.py", line 696, in urlopen
File "urllib3/connectionpool.py", line 964, in prepare_proxy
File "urllib3/connection.py", line 359, in connect
File "urllib3/connection.py", line 502, in connect_tls_proxy
File "urllib3/util/ssl.py", line 421, in ssl_wrap_socket
File "urllib3/util/ssl.py", line 464, in _ssl_wrap_socket_impl
File "ssl.py", line 412, in wrap_socket
File "ssl.py", line 853, in _create
File "ssl.py", line 1117, in do_handshake
ssl.SSLEOFError: EOF occurred in violation of protocol (_ssl.c:1056)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "botocore/httpsession.py", line 263, in send
File "urllib3/connectionpool.py", line 756, in urlopen
File "urllib3/util/retry.py", line 506, in increment
File "urllib3/packages/six.py", line 734, in reraise
File "urllib3/connectionpool.py", line 696, in urlopen
File "urllib3/connectionpool.py", line 964, in prepare_proxy
File "urllib3/connection.py", line 359, in connect
File "urllib3/connection.py", line 502, in connect_tls_proxy
File "urllib3/util/ssl.py", line 421, in ssl_wrap_socket
File "urllib3/util/ssl.py", line 464, in _ssl_wrap_socket_impl
File "ssl.py", line 412, in wrap_socket
File "ssl.py", line 853, in _create
File "ssl.py", line 1117, in do_handshake
urllib3.exceptions.SSLError: EOF occurred in violation of protocol (_ssl.c:1056)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "botocore/endpoint.py", line 200, in _do_get_response
File "botocore/endpoint.py", line 269, in _send
File "botocore/httpsession.py", line 281, in send
botocore.exceptions.SSLError: SSL validation failed for https://acm.us-west-2.amazonaws.com/ EOF occurred in violation of protocol (_ssl.c:1056)
2020-12-01 09:37:22,753 - MainThread - botocore.hooks - DEBUG - Event needs-retry.acm.ListCertificates: calling handler <bound method RetryHandler.needs_retry of <botocore.retries.standard.RetryHandler object at 0x2b864ff290f0>>
2020-12-01 09:37:22,753 - MainThread - botocore.retries.standard - DEBUG - Retry needed, retrying request after delay of: 1.419688592327788
2020-12-01 09:37:22,753 - MainThread - botocore.endpoint - DEBUG - Response received to retry, sleeping for 1.419688592327788 seconds
2020-12-01 09:37:24,175 - MainThread - botocore.hooks - DEBUG - Event request-created.acm.ListCertificates: calling handler <bound method RequestSigner.handler of <botocore.signers.RequestSigner object at 0x2b864fed0860>>
2020-12-01 09:37:24,175 - MainThread - botocore.hooks - DEBUG - Event choose-signer.acm.ListCertificates: calling handler <function set_operation_specific_signer at 0x2b864e1e62f0>
2020-12-01 09:37:24,175 - MainThread - botocore.auth - DEBUG - Calculating signature using v4 auth.
2020-12-01 09:37:24,175 - MainThread - botocore.auth - DEBUG - CanonicalRequest:
POST
/

content-type:application/x-amz-json-1.1
host:acm.us-west-2.amazonaws.com
x-amz-date:20201201T093724Z
x-amz-security-token:...
x-amz-target:CertificateManager.ListCertificates

content-type;host;x-amz-date;x-amz-security-token;x-amz-target
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
2020-12-01 09:37:24,175 - MainThread - botocore.auth - DEBUG - StringToSign:
AWS4-HMAC-SHA256
20201201T093724Z
20201201/us-west-2/acm/aws4_request
...
2020-12-01 09:37:24,175 - MainThread - botocore.auth - DEBUG - Signature:
e8b2336af045bae984f1a5993a48f932080f756c51c4c21e0720c9ed835c3519
2020-12-01 09:37:24,176 - MainThread - botocore.endpoint - DEBUG - Sending http request: <AWSPreparedRequest stream_output=False, method=POST, url=https://acm.us-west-2.amazonaws.com/, headers={'X-Amz-Target': b'CertificateManager.ListCertificates','Content-Type': b'application/x-amz-json-1.1', 'User-Agent': b'aws-cli/2.1.1 Python/3.7.3 Linux/3.10.0-1160.6.1.el7.x86_64 exe/x86_64.rhel.7 command/acm.list-certificates', 'X-Amz-Date': b'20201201T093724Z', 'X-Amz-Security-Token':...', 'Authorization': b'...', 'Content-Length': '2'}>
2020-12-01 09:37:24,176 - MainThread - urllib3.connectionpool - DEBUG - Starting new HTTPS connection (3): acm.us-west-2.amazonaws.com:443
2020-12-01 09:37:24,179 - MainThread - botocore.endpoint - DEBUG - Exception received when sending HTTP request.
Traceback (most recent call last):
File "urllib3/connectionpool.py", line 696, in urlopen
File "urllib3/connectionpool.py", line 964, in prepare_proxy
File "urllib3/connection.py", line 359, in connect
File "urllib3/connection.py", line 502, in connect_tls_proxy
File "urllib3/util/ssl.py", line 421, in ssl_wrap_socket
File "urllib3/util/ssl.py", line 464, in _ssl_wrap_socket_impl
File "ssl.py", line 412, in wrap_socket
File "ssl.py", line 853, in _create
File "ssl.py", line 1117, in do_handshake
ssl.SSLEOFError: EOF occurred in violation of protocol (_ssl.c:1056)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "botocore/httpsession.py", line 263, in send
File "urllib3/connectionpool.py", line 756, in urlopen
File "urllib3/util/retry.py", line 506, in increment
File "urllib3/packages/six.py", line 734, in reraise
File "urllib3/connectionpool.py", line 696, in urlopen
File "urllib3/connectionpool.py", line 964, in prepare_proxy
File "urllib3/connection.py", line 359, in connect
File "urllib3/connection.py", line 502, in connect_tls_proxy
File "urllib3/util/ssl.py", line 421, in ssl_wrap_socket
File "urllib3/util/ssl.py", line 464, in _ssl_wrap_socket_impl
File "ssl.py", line 412, in wrap_socket
File "ssl.py", line 853, in _create
File "ssl.py", line 1117, in do_handshake
urllib3.exceptions.SSLError: EOF occurred in violation of protocol (_ssl.c:1056)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "botocore/endpoint.py", line 200, in _do_get_response
File "botocore/endpoint.py", line 269, in _send
File "botocore/httpsession.py", line 281, in send
botocore.exceptions.SSLError: SSL validation failed for https://acm.us-west-2.amazonaws.com/ EOF occurred in violation of protocol (_ssl.c:1056)
2020-12-01 09:37:24,180 - MainThread - botocore.hooks - DEBUG - Event needs-retry.acm.ListCertificates: calling handler <bound method RetryHandler.needs_retry of <botocore.retries.standard.RetryHandler object at 0x2b864ff290f0>>
2020-12-01 09:37:24,180 - MainThread - botocore.retries.standard - DEBUG - Max attempts of 3 reached.
2020-12-01 09:37:24,180 - MainThread - botocore.retries.standard - DEBUG - Not retrying request.
[root@ip-10-17-10-187 bin]# timed out waiting for input: auto-logout

Additional context
Add any other context about the problem here.
@blkwinds blkwinds added the needs-triage This issue or PR still needs to be triaged. label Dec 1, 2020
@kdaily
Copy link
Member

kdaily commented Dec 2, 2020

Hi @blkwinds, this looks like the same issue as #5744, and is related to a change of how urllib3 handles https proxies. Can you confirm that you're using a proxy too?

@kdaily kdaily added guidance Question that needs advice or information. response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 7 days. and removed needs-triage This issue or PR still needs to be triaged. labels Dec 2, 2020
@blkwinds
Copy link
Author

blkwinds commented Dec 2, 2020

Hi @blkwinds, this looks like the same issue as #5744, and is related to a change of how urllib3 handles https proxies. Can you confirm that you're using a proxy too?

Yes, we are using proxy. thank you

@github-actions github-actions bot removed the response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 7 days. label Dec 2, 2020
@kdaily
Copy link
Member

kdaily commented Dec 3, 2020

@blkwinds,

Thanks for the information. The change was made for version 2.1.1 and on, hence the change from 2.0.54. You'll need to stay at that version if you're unable to adjust the configuration of your proxy.

@kdaily kdaily added the closing-soon This issue will automatically close in 4 days unless further comments are made. label Dec 3, 2020
@github-actions github-actions bot added closed-for-staleness and removed closing-soon This issue will automatically close in 4 days unless further comments are made. labels Dec 7, 2020
@github-actions github-actions bot closed this as completed Dec 7, 2020
@royorel royorel mentioned this issue Apr 16, 2021
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
closed-for-staleness guidance Question that needs advice or information.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@kdaily @blkwinds