SSL validation failed for https://s3.zoneame.amazonaws.com/ [SSL: CERTIFICATE_ VERIFY_FAILED] certificate verify failed (_ssl.c:749)

Solution 1:

The issue here is not using proxy per se (AWS CLI allows this by setting e.g. HTTPS_PROXY environment variable) but the AWS CLI client not trusting proxy's certificate. Proxy's certificate might be self-signed, with your company set as CA (Certification Authority). AWS CLI client cannot find your company's CA root certificate in the local system's CA registry so it can't verify proxy's certificate and issues the CERTIFICATE_VERIFY_FAILED error.

To fix this we can pass company's root certificate (e.g. company-root-ca.pem) to AWS CLI client via --ca-bundle command parameter (or via AWS_CA_BUNDLE environment variable or config file):

$ export HTTPS_PROXY=<host>:<port>
$ aws s3 ls --ca-bundle /path/to/company-root-ca.pem

Solution 2:

$ export AWS_CA_BUNDLE="C:\Program Files\Amazon\AWSCLIV2\botocore/cacert.pem"

This will work !! Enjoy

Solution 3:

Update proxy settings solve my problem in windows system.

Steps for window 10:

  1. In the search bar located on the left-hand side of your taskbar, next to the Windows

  2. From the search results listed, click on the one that matches what you're looking for like in our case "Proxy settings".

  3. Click on Proxy (left side bottom)

  4. Add *.aws.amazon.com; enter image description here

Now run AWS cli command in CMD