Azure Kubernetes SCIM SSL Error
RDASYS
Following This KB / Walkthrough to Setup the 1Password SCIM Bridge:
https://support.1password.com/scim-deploy-azure/
I am unable to access the SCIM bridge via Browser or when running CURL cmdlet:
curl --header "Authorization: Bearer BEARER_TOKEN_STRING" https://scim.ORG-URL.com/scim/Users
Browser Result:
Error code: SSL_ERROR_INTERNAL_ERROR_ALERTCURL Result:
curl: (35) error:14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error
Additional troubleshooting steps - SCIM LETSENCRYPT request + restart:
kubectl set env deploy/op-scim-bridge OP_LETSENCRYPT_DOMAIN=scim.ORG-URL.com
kubectl scale --replicas=0 deployment/op-scim-bridge
kubectl scale --replicas=0 deployment/op-scim-redis
kubectl scale --replicas=2 deployment/op-scim-bridge
kubectl scale --replicas=2 deployment/op-scim-redis
- No Affect
Additional troubleshooting steps - SCIM LETSENCRYPT set to $null + 2nd SCIM LETSENCRYPT request + restart:
kubectl set env deploy/op-scim-bridge OP_LETSENCRYPT_DOMAIN=""
kubectl scale --replicas=0 deployment/op-scim-bridge
kubectl scale --replicas=0 deployment/op-scim-redis
kubectl scale --replicas=2 deployment/op-scim-bridge
kubectl scale --replicas=2 deployment/op-scim-redis
kubectl set env deploy/op-scim-bridge OP_LETSENCRYPT_DOMAIN=scim.ORG-URL.com
kubectl scale --replicas=0 deployment/op-scim-bridge
kubectl scale --replicas=0 deployment/op-scim-redis
kubectl scale --replicas=2 deployment/op-scim-bridge
kubectl scale --replicas=2 deployment/op-scim-redis
- No Affect
Above was done after 2 'fresh start' re-deployments, where azure 1pass related assets were removed & redeployed
All pods are running just fine, so I assume that the issue is the the LetsEncrypt Cert
Latest SCIM bridge version (v2.6.2)
1Password for Business
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser:_ Not Provided
Referrer: forum-search:Azure Kubernetes SCIM SSL Error
Comments
Same Exact issue as Here:
https://1password.community/discussion/120208/azure-scim-bridge-ssl-protocol-error
Reviewed This Article for several KUBECTL cmdlets
https://1password.community/discussion/127618/encountered-an-error-when-testing-the-scim-bridge-for-our-azure-kubernetes
Attempted the Invoke-WebRequest powershell method found in the below article:
https://1password.community/discussion/125798/scim-bridge-test
Received the below output:
Invoke-WebRequest : The request was aborted: Could not create SSL/TLS secure channel.
Team Member
Hi @RDASYS:
Your best bet would be to reach out to us directly via email at
[email protected]. Please let me know if you have already, and I'll take a look in our system for your email.Jack