
aio commands give local issuer certificate error


Level 2

Hi All,

I am trying to set up the aio CLI to perform certain operations on the API Mesh part of the Adobe Commerce integration with AEM. After installing node, npm and the aio CLI and running the aio auth:login command, authentication is successful, but running the aio api-mesh describe command gives the error below. I am within a corporate network, executing from the Windows command prompt. Can anyone help in getting this issue resolved? I am unable to select organization/workspace/project because of this issue.

C:\Users\spogula>aio api-mesh describe
| Getting Organizations...    CoreConsoleAPIError: [CoreConsoleAPISDK:ERROR_GET_ORGANIZATIONS] FetchError: request to https://developers.adobe.io/console/organizations failed, reason: unable to get local issuer certificate
        at ClientRequest.<anonymous> (C:\Users\spogula\AppData\Local\@adobe\aio-cli\node_modules\@adobe\aio-lib-core-networking\node_modules\node-fetch\lib\index.js:1501:11)
        at ClientRequest.emit (node:events:513:28)
        at TLSSocket.socketErrorListener (node:_http_client:502:9)
        at TLSSocket.emit (node:events:513:28)
        at emitErrorNT (node:internal/streams/destroy:151:8)
        at emitErrorCloseNT (node:internal/streams/destroy:116:3)
        at process.processTicksAndRejections (node:internal/process/task_queues:82:21) {
      type: 'system',
      errno: 'UNABLE_TO_GET_ISSUER_CERT_LOCALLY',
      code: 'UNABLE_TO_GET_ISSUER_CERT_LOCALLY'
    }
    Code: ERROR_GET_ORGANIZATIONS

 


9 Replies


Level 2
  • node -v : v18.16.0
  • npm -v : 9.5.1
  • aio -v : @adobe/aio-cli/10.3.1 win32-x64 node-v18.16.0


Employee

Hi @SrikanthPo3,

 

before running

aio api-mesh describe

could you try selecting manually the org, project, and workspace to use by running these commands?

aio console org select
# and select your IMS Org

aio console project select
# and select the console project that contains your API Mesh

aio console workspace select
# and select the workspace where your API Mesh is or will be deployed

# link your local project with the App Builder project in the Adobe Dev Console
aio app use

 Ref: https://developer.adobe.com/graphql-mesh-gateway/mesh/basic/work-with-mesh/#select-a-project-or-work...


Level 2

Hi @rojoangel 

aio console org select is giving the same error as above. Our organization is using a PAC file for controlling traffic, and SSL bypass is not a viable option as per our IT team. Is there an option to pass/set a proxy to aio commands?


Level 7

Many times cert errors are related to a local firewall. Can you please try outside VPN or VDI, or turn off any firewall tools like Zscaler? For my offshore team, Zscaler blocks a lot of traffic, and turning it off has many times resolved such cert errors.


Level 7

If for local, an easier fix is to simply turn off global cert validation using

npm config set strict-ssl false

and

REM For Windows command line
SET NODE_TLS_REJECT_UNAUTHORIZED=0

But this is not recommended. It's OK to temporarily turn it off and reset later.


Level 2

Hi @sarav_prakash 

I have both of these configured, but I still get the same error, with an additional warning when NODE_TLS_REJECT_UNAUTHORIZED=0 is set.


Level 7

Got it. Many times it's a local firewall blocking. If you see Zscaler running on the machine, request your helpdesk to temporarily disable it, or get admin rights temporarily so you can disable it. My offshore team faced the same error and that's how they solved it.


Level 2

Hi @sarav_prakash 

Do I need to disable Zscaler every time I want to run aio commands? Or is it the first time only? I am afraid our organization's IT team may not agree to disable Zscaler. Can you please suggest any other alternate solutions for this?


Level 7

Got it. Then it narrows to Zscaler, the local firewall blocking. In my case, my offshore team only works against the same dev workspace in a single AIO project. Stage and Prod I was taking care of, as I don't have the Zscaler issue. So it was a one-time issue for offshore.

In your case, if you are switching workspaces or AIO projects multiple times, your network team must allow the Adobe certs. You may need to raise a request with your network team stating that Zscaler is blocking Adobe certs.
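
An added example, not part of any reply in this thread and not Adobe's code: a Node.js check that reports whether the certificate-verification overrides mentioned above (NODE_TLS_REJECT_UNAUTHORIZED and npm's strict-ssl) are still active on a workstation, so a temporary change is not left in place. It also assumes Node's NODE_EXTRA_CA_CERTS variable may be used to trust a corporate root CA, which the thread does not mention; the function names, finding ids and sample values are hypothetical.

```javascript
// Added example: audit a workstation for the TLS overrides discussed in this thread.

// Parse .npmrc text: ini-style key=value lines; ';' and '#' start comment lines.
function parseNpmrc(text) {
  const cfg = {};
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    const eq = line.indexOf('=');
    if (!line || line[0] === ';' || line[0] === '#' || eq < 1) continue;
    cfg[line.slice(0, eq).trim()] = line.slice(eq + 1).trim();
  }
  return cfg;
}

// env: an object shaped like process.env. npmrcText: contents of the user's .npmrc.
// extraCaText: contents of the file NODE_EXTRA_CA_CERTS names (null if unreadable).
function auditTlsOverrides(env, npmrcText, extraCaText) {
  const findings = [];
  const reject = env.NODE_TLS_REJECT_UNAUTHORIZED;
  if (reject === '0') {
    findings.push({ id: 'node-verify-off', detail: 'Node skips certificate verification' });
  } else if (reject !== undefined && reject.trim().startsWith('0')) {
    // cmd.exe "SET NAME=0   //comment" stores the comment in the value. Node only
    // honours the exact string "0", so this is a leftover to clean up.
    findings.push({ id: 'node-verify-stale', detail: `unexpected value ${JSON.stringify(reject)}` });
  }
  if (parseNpmrc(npmrcText)['strict-ssl'] === 'false') {
    findings.push({ id: 'npm-strict-ssl-off', detail: 'npm skips certificate verification' });
  }
  const bundle = env.NODE_EXTRA_CA_CERTS;
  if (bundle) {
    const count = ((extraCaText || '').match(/-----BEGIN CERTIFICATE-----/g) || []).length;
    if (count === 0) {
      findings.push({ id: 'extra-ca-unusable', detail: `${bundle} has no PEM certificates` });
    }
  }
  return findings;
}

// Constructed sample input, not taken from the poster's machine.
const sampleEnv = { NODE_TLS_REJECT_UNAUTHORIZED: '0', NODE_EXTRA_CA_CERTS: 'C:\\certs\\corp-root.pem' };
const sampleNpmrc = '; user config\nstrict-ssl=false\nregistry=https://registry.npmjs.org/\n';
const sampleFindings = auditTlsOverrides(sampleEnv, sampleNpmrc, 'not a certificate');
console.log(sampleFindings);
```

On a real machine, pass process.env, the text of the user's .npmrc, and the text of the file NODE_EXTRA_CA_CERTS points to; an empty result means none of these overrides is active.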