Skip to content

az kevault secret download fails behind a proxy #25469

New issue
New issue
Closed
Closed
az kevault secret download fails behind a proxy#25469
Assignees
jiaslievelyn-ys
Labels
Accountaz login/accountAuto-AssignAuto assign by botAzure CLI TeamThe command of the issue is owned by Azure CLI teamKeyVaultaz keyvaultOKR CandidateThis label is used to track how many GitHub issues we have resolved for OKR purpose.customer-reportedIssues that are reported by GitHub users external to the Azure organization.feature-requestneeds-author-feedbackMore information is needed from author to address the issue.no-recent-activityThere has been no recent activity on this issue.
@Divya1388

Description

@Divya1388
Divya1388
opened on Feb 15, 2023

This is similar to #2505

We are running azure cli behind a proxy and most of the commands work except for az keyvault secret downlod. az keyvault command work as well. The error we get when trying to download a secret from keyvault is:

cli.azure.cli.core.azclierror: Error occurred in request., ProxyError: HTTPSConnectionPool(host='kv---poc-01.vault.azure.net', port=443): Max retries exceeded with url: /secrets/azure/?api-version=7.0 (Caused by ProxyError('Cannot connect to proxy.', ConnectionResetError(104, 'Connection reset by peer')))
az_command_data_logger: Error occurred in request., ProxyError: HTTPSConnectionPool(host='kv-cmk-test-poc-01.vault.azure.net', port=443): Max retries exceeded with url: /secrets/azure/?api-version=7.0 (Caused by ProxyError('Cannot connect to proxy.', ConnectionResetError(104, 'Connection reset by peer')))

Command Name
az keyvault secret download

Errors:

cli.azure.cli.core.azclierror: Error occurred in request., ProxyError: HTTPSConnectionPool(host='kv-*-*-poc-01.vault.azure.net', port=443): Max retries exceeded with url: /secrets/azure/?api-version=7.0 (Caused by ProxyError('Cannot connect to proxy.', ConnectionResetError(104, 'Connection reset by peer')))
az_command_data_logger: Error occurred in request., ProxyError: HTTPSConnectionPool(host='kv-cmk-test-poc-01.vault.azure.net', port=443): Max retries exceeded with url: /secrets/azure/?api-version=7.0 (Caused by ProxyError('Cannot connect to proxy.', ConnectionResetError(104, 'Connection reset by peer')))

And because of this new proxy setup within the organization, most of our builds are failing.
Any help on this will be awesome

To Reproduce:

Set up Azure CLI behind proxy using HTTPS_PROXY="*"
Run a az keyvault secret download command

Expected Behavior

Should download the secret from kevault

Environment Summary

Linux-4.18.0-425.10.1.el8_7.x86_64-x86_64-with-glibc2.28, Red Hat Enterprise Linux 8.7 (Ootpa)
Python 3.9.13
Installer: RPM

azure-cli 2.45.0

Extensions:
notification-hub 0.2.0

Dependencies:
msal 1.20.0
azure-mgmt-resource 21.1.0b1

Metadata

Metadata

Assignees

Labels

Accountaz login/accountAuto-AssignAuto assign by botAzure CLI TeamThe command of the issue is owned by Azure CLI teamKeyVaultaz keyvaultOKR CandidateThis label is used to track how many GitHub issues we have resolved for OKR purpose.customer-reportedIssues that are reported by GitHub users external to the Azure organization.feature-requestneeds-author-feedbackMore information is needed from author to address the issue.no-recent-activityThere has been no recent activity on this issue.

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions