I am trying to connect to Azure using Powershell. When I try the command Login-AzureRmAccount, I get a pop-up to enter my credentials. But, immediately after that I get an error:

Login-AzureRmAccount : Service returned error. Check InnerException for more details: The underlying connection was
closed: Could not establish trust relationship for the SSL/TLS secure channel.
At line:1 char:1
+ Login-AzureRmAccount
+ ~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : CloseError: (:) [Add-AzureRmAccount], AadAuthenticationFailedException
    + FullyQualifiedErrorId : Microsoft.Azure.Commands.Profile.AddAzureRMAccountCommand

Can someone shed some light on this?

Update The below inner exception is what I see:

'Microsoft.IdentityModel.Clients.ActiveDirectory.AdalServiceException: Service returned error. Check InnerException for more details ---> System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure. at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, Exception exception) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult) at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state) at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result)
at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size) at System.Net.ConnectStream.WriteHeaders(Boolean async) --- End of inner exception stack trace --- at System.Net.HttpWebRequest.GetResponse() at Microsoft.IdentityModel.Clients.ActiveDirectory.HttpWebRequestWrapper.d__2.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.IdentityModel.Clients.ActiveDirectory.HttpHelper.d__0 .MoveNext() --- End of inner exception stack trace --- at Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext.RunAsyncTask[T](Task1 task) at Microsoft.Azure.Commands.Common.Authentication.UserTokenProvider.DoAcquireToken(AdalConfiguration config, PromptBehavior promptBehavior, String userId, SecureString password) at Microsoft.Azure.Commands.Common.Authentication.UserTokenProvider.SafeAquireToken(AdalConfiguration config, ShowDialog showDialog, String userId, SecureString password, Exception& ex) ErrorCode: service_returned_error StatusCode: 501'. At line:1 char:1 + Login-AzureRmAccount $Error[0].Exception.InnerException

I'm fairly certain this will bypass your problem but not actually solve it.

DISCLAIMER: This is not secure, and should only be done if you are certain that the certificate error you are getting is a false positive, or you truly don't care! This method leaves you open to establishing connections to malicious and/or compromised sites. This is the PowerShell equivalent to going to a web page in Internet Explorer, getting a certificate error, and clicking the Continue Anyway link.

If you try to manually login, and get a certificate error, but are ok with continuing past it then you can disable certificate checking in PowerShell so that it behaves similarly. Running this line before you try to login to Azure will disable certificate checking for the current session. You will have to run this each time you want to login to Azure, so long as there is a certificate error.

 [System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}

A better solution would probably be to resolve the SSL/TLS issue that you are seeing, but that is most likely something better suited for ServerFault or something.