Vagrant was unable to check revocation for the certificate

by Daniel Pham
Published: Updated:

“Error: schannel: next InitializeSecurityContext failed: Unknown error (0x80092012) – The revocation function was unable to check revocation for the certificate.”

If you’re facing the error above when using Vagrant then I hope this post may help you a bit.

Vagrant was unable to check revocation for the certificate
Vagrant error The revocation function was unable to check revocation for the certificate.

About the error Vagrant revocation function was unable to check revocation for the certificate

I faced this error when I used Vagrant on a Windows PC. I also use the same code on another Linux PC but it’s okay without any problem.

The Vagrant code like below, you can see in my Github repository.

# -*- mode: ruby -*-
# vi: set ft=ruby :

Vagrant.configure("2") do |config|
  # Use image box Ubuntu, current is 20.10
  config.vm.box = "ubuntu/focal64"
  # Change port 80 to other port that you want to access from host machine
  config.vm.network "forwarded_port", guest: 80, host: 80
  # Set a private IP address, you can access it from host machine with `ssh [email protected]` instead of `vagrant ssh`.
  # Make you work as a real case
  config.vm.network "private_network", ip: "192.168.33.10", :netmask => "255.255.255.0"
  # Set cpu, ram for vm
  config.vm.provider "virtualbox" do |vb|
    vb.memory = "1024"
    vb.cpus = 1
  end
end

When I type the command “vagrant up” then got the error below.

Bringing machine 'default' up with 'virtualbox' provider...
==> default: Box 'ubuntu/focal64' could not be found. Attempting to find and install...
    default: Box Provider: virtualbox
    default: Box Version: >= 0
The box 'ubuntu/focal64' could not be found or
could not be accessed in the remote catalog. If this is a private
box on HashiCorp's Vagrant Cloud, please verify you're logged in via
`vagrant login`. Also, please double-check the name. The expanded
URL and error message are shown below:

URL: ["https://vagrantcloud.com/ubuntu/focal64"]
Error: schannel: next InitializeSecurityContext failed: Unknown error (0x80092012) - The revocation function was unable to check revocation for the certificate.

So the first thing in my head that there is a problem with my Windows PC then I searched around in the internet.

Most of the results from the internet are talking about update to latest version of Vagrant. I checked my Vagrant version and it’s already the latest version so nothing to do with update the version.

How to resolve the error

Vagrant was unable to check revocation for the certificate
Vagrant Error: SSL certificate problem: self-signed certificate in certificate chain.

After searched around, I got a lot of answers with difference thing to do.

The first one is download and replace the binary “curl.exe” on the folder “C:\HashiCorp\Vagrant\embedded\bin”. Someone told there is a problem with the old Curl inside Vagrant so we need to download the latest Curl and replace it. Yes, I tried this one but nothing fixed.

I downloaded the newest Curl application from this link with the latest version is 7.83.1. After replaced the newest Curl to the Vagrant’s embedded folder, I ran the command “vagrant up” again and got a new error.

Bringing machine 'default' up with 'virtualbox' provider...
==> default: Box 'ubuntu/focal64' could not be found. Attempting to find and install...
    default: Box Provider: virtualbox
    default: Box Version: >= 0
The box 'ubuntu/focal64' could not be found or
could not be accessed in the remote catalog. If this is a private
box on HashiCorp's Vagrant Cloud, please verify you're logged in via
`vagrant login`. Also, please double-check the name. The expanded
URL and error message are shown below:

URL: ["https://vagrantcloud.com/ubuntu/focal64"]
Error: SSL certificate problem: self-signed certificate in certificate chain

At this time, there are some posts wrote that we need to replace the OpenSSL library too. I tired of it and keep searching for other way.

Finally, I found there is simple trick to bypass this error above.

Simply, we just need to add a line to our Vagrant code and it’s work.

config.vm.box_download_insecure=true

Then the complete code will look like this.

# -*- mode: ruby -*-
# vi: set ft=ruby :

Vagrant.configure("2") do |config|
  # Use image box Ubuntu, current is 20.10
  config.vm.box = "ubuntu/focal64"
  config.vm.box_download_insecure=true
  # Change port 80 to other port that you want to access from host machine
  config.vm.network "forwarded_port", guest: 80, host: 80
  # Set a private IP address, you can access it from host machine with `ssh [email protected]` instead of `vagrant ssh`.
  # Make you work as a real case
  config.vm.network "private_network", ip: "192.168.33.10", :netmask => "255.255.255.0"
  # Set cpu, ram for vm
  config.vm.provider "virtualbox" do |vb|
    vb.memory = "1024"
    vb.cpus = 1
  end
end

With simple line code above then I ran the command “vagrant up” again and here is the result.

Vagrant was unable to check revocation for the certificate
Vagrant is working fine after added the line code.

Conclusion

This is a simple trick but in some case, you may spent hours to find the way to resolve it.

Hope my post may help some guys who facing the same problem with the Vagrant.

5 41 votes
Article Rating
Subscribe
Notify of
guest
30 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
David
David
Guest
9 months ago

It’s downloading at 4% now brvh I’m so greatful thanks very much

Imaya
Imaya
Guest
10 months ago

Thanks for the post. it worked for me as well.

Deepak Panchal
Deepak Panchal
Guest
11 months ago

Thank you for providing this workaround. So essentially the root cause of the issue is not resolved, but we are basically circumventing the certificate checks and simply forcing vagrant to continue and download. From a corporate security point of view this maybe not proper and maybe against some company policies (by passing security) but nevertheless, if you want to get things done, then this is the way to go.
Thanks again.

Nandan Tendulkar
Nandan Tendulkar
Guest
11 months ago

I spent half a day looking for this solution to no avail. Your approach worked.

You’re a life saver! Thanks, Dung!

Tijana
Tijana
Guest
11 months ago

Hi Dung,

Your advice helped me a lot!

Tijana!

Emmy
Emmy
Guest
1 year ago

Hi Dung,

This really helped me.

Thanks

Unwana
Unwana
Guest
1 year ago

Yup definitely helped

Sergio
Sergio
Guest
1 year ago

Glad I ran into this early after facing this issue, I’m sure it saved me some good precious time. Thanks!

Juan Carlos
Juan Carlos
Guest
1 year ago

Thanks! I went straight for the vm configuration option and it worked without messing with curl or SSL.

Dylan Sonkeng
Dylan Sonkeng
Guest
1 year ago

Bro you are the best. Thanks for your trick, it helped me

Guy Rouillier
Guy Rouillier
Guest
1 year ago

Thank you for this, found via search. I’m brand new to Vagrant, so I wasn’t sure where to add this. I’m attempting to use Vagrant to install an Oracle database VM from here:

https://github.com/oracle/vagrant-projects

I tried to put this setting into the .env.local file (after loading the vagrant-env plugin) and that didn’t seem to help. So, I added it directly to the Vagrantfile, in the section with the other config.vm settings; that worked. I don’t understand how all these pieces are supposed to fit together, but I’m happy I was able to get a running VM via Vagrant.

hun
hun
Guest
1 year ago

You are the Best! thank you!!

Olutayo
Olutayo
Guest
1 year ago

Thank you so much for your post this has saved me hours of research, I have been trying to get this work on windows 10 for nearly 4hours before finding your post. This really helps

Sisonke
Sisonke
Guest
1 year ago

kneel Dung Pham… and rise!! Sir Dung Pham

jairo
jairo
Guest
1 year ago

You are the Best!!

DevOps Lite is a personal blog specializing in technology with main topics about DevOps, DevSecOps, SRE and System Administrator. Articles are shared for free and contributed to the community.

SUPPORT US

FOLLOW US

Subscribe my Newsletter for new blog posts. Stay updated from your inbox!

© 2021-2024 DevOpsLite.com – All rights reserved.

Please write sources “DevOpsLite.com” when using articles from this website.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

0
Would love your thoughts, please comment.x
()
x

Adblock Detected

Please support us by disabling your AdBlocker extension from your browsers for our website.