08 July 2024

NetSkope Fun

Well, not exactly JNCIE related but still a pain to talk about.


My company uses NetSkope and while I am not a fan of it because of personal reasons I am learning to live with it.  Today though was a fun time.  I have a virtual Ubuntu machine that I was going to use for dev stuff in AWS.  And because I was NAT'ing from the virtual machine to the internet NetSkope threw a nice little hissy fit.  After working with help desk for an hour we found the issue.  


So let's start local.  My physical machine.  The error was 


SSL validation failed for https://ec2.us-east-2.amazonaws.com/ [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1006)


Which was the same error on my Linux box.  To fix this I had to run an AWS command to point to the correct CA even if it was trusted already on the computer.

aws configure set default.ca_bundle "C:\ProgramData\Netskope\STAgent\data\nscacert_combined.pem"


And voila.  Fixed the issues on Windows.


For Linux I had to get the root CA cert used for NetSkope and my company and append it to the AWS cert file:

cat rootca.pem >> ~/aws/dist/aws-cli/awscli/botocore/cacert.pem

Then I had to create an environment variable and put that in my .bashrc file:

export AWS_CA_BUNDLE=/path/to/ca-cert/cacert.pem


And again a voila moment.  But one last thing.  Firefox didn't like that and didn't like that I added it to the trust store of the actual system so I had to import that manually.  But now all works and I am good.  Things work great when you have great tech support.
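
The plain `cat >>` append in the Linux steps adds another copy of the root CA each time it is re-run and edits the CLI's own bundled file. The following is an added example, not from the original post: it writes a separate combined bundle and appends the root CA only when its SHA-256 fingerprint is absent. The function names, file names and the PEM blocks built in `demo()` are constructed stand-ins, not real certificates.

```python
import base64, hashlib, re, ssl, tempfile
from pathlib import Path

PEM_RE = re.compile(r"-----BEGIN CERTIFICATE-----.*?-----END CERTIFICATE-----", re.S)

def fingerprints(pem_text):
    """Return {sha256-of-DER: PEM block} for each certificate in pem_text."""
    return {hashlib.sha256(ssl.PEM_cert_to_DER_cert(b)).hexdigest(): b
            for b in PEM_RE.findall(pem_text)}

def merge_ca(base_bundle, extra_ca, out_path):
    """Write base_bundle plus the certs from extra_ca it lacks; return count added."""
    base_text = Path(base_bundle).read_text()
    extra = fingerprints(Path(extra_ca).read_text())
    if not extra:
        raise ValueError(f"no PEM certificate found in {extra_ca}")
    have = fingerprints(base_text)
    missing = [pem for fp, pem in extra.items() if fp not in have]
    body = base_text.rstrip("\n") + "\n" + "".join(p + "\n" for p in missing)
    Path(out_path).write_text(body)
    return len(missing)

def _constructed_pem(seed):
    """Constructed stand-in for a certificate: PEM armor around arbitrary bytes."""
    b64 = base64.encodebytes(hashlib.sha512(seed).digest()).decode().strip()
    return f"-----BEGIN CERTIFICATE-----\n{b64}\n-----END CERTIFICATE-----\n"

def demo():
    """Merge a constructed root CA into a constructed bundle twice."""
    with tempfile.TemporaryDirectory() as d:
        base, root, out = (Path(d) / n for n in ("cacert.pem", "rootca.pem", "combined.pem"))
        base.write_text(_constructed_pem(b"public-ca-1") + _constructed_pem(b"public-ca-2"))
        root.write_text(_constructed_pem(b"corporate-root"))
        first = merge_ca(base, root, out)    # root CA not present yet
        second = merge_ca(out, root, out)    # re-run: already present, nothing added
        return first, second, len(fingerprints(out.read_text()))

if __name__ == "__main__":
    print(demo())  # afterwards, point AWS_CA_BUNDLE at the combined file
```

With real files, `merge_ca` would take the CLI's `cacert.pem` and `rootca.pem` as inputs, and `AWS_CA_BUNDLE` would point at the output path.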