You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This task fails for about two months now, as it is unable to valid the certificate in the web application. So far we have followed up the issue with Microsoft support, but they couldn't help us. Hence we want to check, if maybe you can help with this. We are using self-hosted VMSS pool, with Windows 2022 OS and we are using the GitHub Action Runner Images as baseimage. https://github.com/actions/runner-images
The certificates set in the Azure Web App are Cloudflare ones and they are valid until 2025.
Can you please recommend some troubleshooting steps, so we could find out why this task is failing? Previously it was working fine, it started failing right after the CrowdStrike incident. We are aware that it has nothing to with this issue, but that's when this problem occurred first and still persist.
Note: we have an VMSS Ubuntu pool, which is using the same runner image and the issue doesn't appear there. Unfortuantely our customer can run the pipeline only on Windows pool, since they are using XML transformation.
Environment type (Please select at least one enviroment where you face this issue)
Self-Hosted
Microsoft Hosted
VMSS Pool
Container
Azure DevOps Server type
dev.azure.com (formerly visualstudio.com)
Azure DevOps Server Version (if applicable)
No response
Operation system
Windows 2022
Relevant log output
##[warning]To use a certificate in App Service, the certificate must be signed by a trusted certificate authority. If your web app gives you certificate validation errors, you're probably using a self-signed certificate and to resolve them you need to pass -allowUntrusted in additional arguments of web deploy option.
##[error]Error: Error Code: ERROR_CERTIFICATE_VALIDATION_FAILED
More Information: Connected to the remote computer ("frp-d-bucketer.scm.azurewebsites.net") using the specified process ("Web Management Service"), but could not verify the server’s certificate. If you trust the server, connect again and allow untrusted certificates. Learn more at: https://go.microsoft.com/fwlink/?LinkId=221672#ERROR_CERTIFICATE_VALIDATION_FAILED.
Error: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
Error: The remote certificate is invalid according to the validation procedure.
Error count: 1.
Full task logs with system.debug enabled
Starting: AzureRmWebAppDeployment
==============================================================================
Task : Azure App Service deploy
Description : Deploy to Azure App Service a web, mobile, or API app using Docker, Java, .NET, .NET Core, Node.js, PHP, Python, or Ruby
Version : 4.229.0
Author : Microsoft Corporation
Help : https://aka.ms/azureappservicetroubleshooting
==============================================================================
Got service connection details for Azure App Service:'frp-d-bucketer'
C:\a\_tasks\AzureRmWebAppDeployment_497d490f-eea7-4f2b-ab94-48d9c1acdcb1\4.229.0\node_modules\azure-pipelines-tasks-webdeployment-common\7zip\7zip\7z.exe x -oC:\a\_temp\temp_web_package_28715415481665096 C:\a\1\a\Bucketer.zip
Scanning the drive for archives:
1 file, 28710087 bytes (28 MiB)
Extracting archive: C:\a\1\a\Bucketer.zip
Path = C:\a\1\a\Bucketer.zip
Type = zip
Physical Size = 28710087
Everything is Ok
Folders: 157
Files: 1081
Size: 88551475
Compressed: 28710087
ConnectionString attributes in Web.config is parameterized by default. Note that the transformation has no effect on connectionString attributes as the value is overridden during deployment by 'Parameters.xml or 'SetParameters.xml' files. You can disable the auto-parameterization by setting /p:AutoParameterizationWebConfigConnectionStrings=False during MSBuild package generation.
C:\a_tasks\AzureRmWebAppDeployment_497d490f-eea7-4f2b-ab94-48d9c1acdcb1\4.229.0\ctt\ctt.exe s:C:\a_temp\temp_web_package_28715415481665096\Content\C_C\a\1\s\Bucketer\obj\Release\Package\PackageTmp\Web.config t:C:\a_temp\temp_web_package_28715415481665096\Content\C_C\a\1\s\Bucketer\obj\Release\Package\PackageTmp\Web.Release.config d:C:\a_temp\temp_web_package_28715415481665096\Content\C_C\a\1\s\Bucketer\obj\Release\Package\PackageTmp\Web.config pw i verbose
Start tranformation to 'C:\a_temp\temp_web_package_28715415481665096\Content\C_C\a\1\s\Bucketer\obj\Release\Package\PackageTmp\Web.config'.
Source file: 'C:\a_temp\temp_web_package_28715415481665096\Content\C_C\a\1\s\Bucketer\obj\Release\Package\PackageTmp\Web.config'.
Transform file: 'C:\a_temp\temp_web_package_28715415481665096\Content\C_C\a\1\s\Bucketer\obj\Release\Package\PackageTmp\Web.Release.config'.
Transformation task is using encoding 'System.Text.UTF8Encoding'. Change encoding in source file, or use the 'encoding' parameter if you want to change encoding.
Executing RemoveAttributes (transform line 18, 18)
on /configuration/system.web/compilation
Applying to 'compilation' element (no source line info)
Removed 'debug' attribute
New issue checklist
Task name
AzureRMWebAppDeployment@4
Task version
4.229.0
Issue Description
This task fails for about two months now, as it is unable to valid the certificate in the web application. So far we have followed up the issue with Microsoft support, but they couldn't help us. Hence we want to check, if maybe you can help with this. We are using self-hosted VMSS pool, with Windows 2022 OS and we are using the GitHub Action Runner Images as baseimage.
https://github.com/actions/runner-images
The certificates set in the Azure Web App are Cloudflare ones and they are valid until 2025.
Can you please recommend some troubleshooting steps, so we could find out why this task is failing? Previously it was working fine, it started failing right after the CrowdStrike incident. We are aware that it has nothing to with this issue, but that's when this problem occurred first and still persist.
Note: we have an VMSS Ubuntu pool, which is using the same runner image and the issue doesn't appear there. Unfortuantely our customer can run the pipeline only on Windows pool, since they are using XML transformation.
Environment type (Please select at least one enviroment where you face this issue)
Azure DevOps Server type
dev.azure.com (formerly visualstudio.com)
Azure DevOps Server Version (if applicable)
No response
Operation system
Windows 2022
Relevant log output
##[warning]To use a certificate in App Service, the certificate must be signed by a trusted certificate authority. If your web app gives you certificate validation errors, you're probably using a self-signed certificate and to resolve them you need to pass -allowUntrusted in additional arguments of web deploy option.
##[error]Error: Error Code: ERROR_CERTIFICATE_VALIDATION_FAILED
More Information: Connected to the remote computer ("frp-d-bucketer.scm.azurewebsites.net") using the specified process ("Web Management Service"), but could not verify the server’s certificate. If you trust the server, connect again and allow untrusted certificates. Learn more at: https://go.microsoft.com/fwlink/?LinkId=221672#ERROR_CERTIFICATE_VALIDATION_FAILED.
Error: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
Error: The remote certificate is invalid according to the validation procedure.
Error count: 1.
Full task logs with system.debug enabled
Repro steps
No response
The text was updated successfully, but these errors were encountered: