Cyberduck Mountain Duck CLI

#3812 closed defect (duplicate)

Amazon S3 throws certificate trust errors for DNS-named buckets

Reported by: samj Owned by: dkocher
Priority: normal Milestone:
Component: s3 Version: 3.3b4
Severity: normal Keywords:
Cc: Architecture:
Platform:

Description

My UX with Cyberduck & Amazon S3 has suffered due to certificate trust errors that I finally [think I] got to the bottom of.

For each bucket that uses an FQDN as its name (e.g. media.samj.net) rather than a bare token (e.g. digitalcourier) Cyberduck wants to connect to fqdn.s3.amazonaws.com (e.g. media.samj.net.s3.amazonaws.com) which fails certificate verification even though a *.s3.amazonaws.com wildcard certificate is in place.

I have a feeling this may be the correct behaviour (e.g. *.example.com should match a.example.com but not a.b.c.example.com) but it is rather annoying as it's not obvious that you have to expand for details and check 'Always trust "*.s3.amazonaws.com" when connecting to "fqdn.s3.amazonaws.com"'.

Refer also to #2938 - created a new ticket more for SEO than anything else.

Change History (1)

comment:1 Changed on Oct 13, 2009 at 3:40:18 PM by dkocher

  • Component changed from core to s3
  • Resolution set to duplicate
  • Status changed from new to closed

In #3813.

Note: See TracTickets for help on using tickets.