Azure Kubernetes SCIM SSL Error

RDASYS · November 2022

Following This KB / Walkthrough to Setup the 1Password SCIM Bridge:
https://support.1password.com/scim-deploy-azure/

I am unable to access the SCIM bridge via Browser or when running CURL cmdlet:
curl --header "Authorization: Bearer BEARER_TOKEN_STRING" https://scim.ORG-URL.com/scim/Users

Browser Result:
Error code: SSL_ERROR_INTERNAL_ERROR_ALERT
CURL Result:
curl: (35) error:14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error

Additional troubleshooting steps - SCIM LETSENCRYPT request + restart:
kubectl set env deploy/op-scim-bridge OP_LETSENCRYPT_DOMAIN=scim.ORG-URL.com
kubectl scale --replicas=0 deployment/op-scim-bridge
kubectl scale --replicas=0 deployment/op-scim-redis
kubectl scale --replicas=2 deployment/op-scim-bridge
kubectl scale --replicas=2 deployment/op-scim-redis

No Affect

Additional troubleshooting steps - SCIM LETSENCRYPT set to $null + 2nd SCIM LETSENCRYPT request + restart:
kubectl set env deploy/op-scim-bridge OP_LETSENCRYPT_DOMAIN=""
kubectl scale --replicas=0 deployment/op-scim-bridge
kubectl scale --replicas=0 deployment/op-scim-redis
kubectl scale --replicas=2 deployment/op-scim-bridge
kubectl scale --replicas=2 deployment/op-scim-redis
kubectl set env deploy/op-scim-bridge OP_LETSENCRYPT_DOMAIN=scim.ORG-URL.com
kubectl scale --replicas=0 deployment/op-scim-bridge
kubectl scale --replicas=0 deployment/op-scim-redis
kubectl scale --replicas=2 deployment/op-scim-bridge
kubectl scale --replicas=2 deployment/op-scim-redis

No Affect

Above was done after 2 'fresh start' re-deployments, where azure 1pass related assets were removed & redeployed

All pods are running just fine, so I assume that the issue is the the LetsEncrypt Cert

Latest SCIM bridge version (v2.6.2)
1Password for Business

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser:_ Not Provided
Referrer: forum-search:Azure Kubernetes SCIM SSL Error

RDASYS · November 2022

Same Exact issue as Here:
https://1password.community/discussion/120208/azure-scim-bridge-ssl-protocol-error

RDASYS · November 2022

Reviewed This Article for several KUBECTL cmdlets
https://1password.community/discussion/127618/encountered-an-error-when-testing-the-scim-bridge-for-our-azure-kubernetes

RDASYS · November 2022

Attempted the Invoke-WebRequest powershell method found in the below article:

https://1password.community/discussion/125798/scim-bridge-test

Received the below output:
Invoke-WebRequest : The request was aborted: Could not create SSL/TLS secure channel.

Jack.P_1P · November 2022

Hi @RDASYS:

Your best bet would be to reach out to us directly via email at businesssupport@1password.com. Please let me know if you have already, and I'll take a look in our system for your email.

Jack

Azure Kubernetes SCIM SSL Error

Comments