Azure DevOps Powershell script Could not create SSL/TLS secure channel
There are few workarounds which are working.
Workaround 1
- Use Azure Powershell Task Version 5
- Select "Azure Resource Manager Connection"
- Change ASM Module commands to Az commands
Workaround 2
- Use Azure Powershell Task Version 3
- Classic Connection
- Downgrade Azure Powershell Version to 4.2.1
Workaround 3 (for private agents)
- Create a self-signed cert in your CurrentUser\My store. you can find details on creating a self-signed cert here: https://docs.microsoft.com/en-us/azure/cloud-services/cloud-services-certs-create
- Export the public key for the cert as a DER-encoded CER file (you can use mmc or any other cert tool for this)
- Upload the .Cer file as a management certificate through the portal: https://docs.microsoft.com/en-us/previous-versions/azure/azure-api-management-certs
- Authenticate using Set-AzureSubscription:
PS C:\> Clear-AzureProfile PS C:\> $cert = Get-Item Cert:\CurrentUser\My\ PS C:\ > Set-AzureSubscription -SubscriptionName "" -SubscriptionId -Certificate $cert PS C:\> Select-AzureSubscription -SubscriptionId
Workaround 4
Add below script to each Azure Powershell task
$p = (Get-Variable Endpoint -ValueOnly).Auth.Parameters.certificate $bytes = [convert]::FromBase64String($p) [IO.File]::WriteAllBytes("C:\cert.pfx",$bytes) Import-PfxCertificate -FilePath C:\cert.pfx -CertStoreLocation cert:\CurrentUser\My . . actual script . . #remove certificate from store $thumb = (Get-PfxData -FilePath "C:\cert.pfx").EndEntityCertificates.Thumbprint Remove-Item -Path cert:\CurrentUser\My\$thumb -recurse -Force
We had the same issue. It only manifested on windows-2019
agents, not vs2017-win2016
.So you could fix it by changing the agent type, but a better fix is to use a specific Powershell version of 5.1.1
instead of latest
. It seems that latest
recently increased to 5.3.0
which causes this error.
I have the same issue and tried all these, for me it worked only if I added this after the Initialize-Azure part: "Set-AzureSubscription -SubscriptionId [my subscription id] -CurrentStorageAccountName [storage name]"