Amazon S3 throws certificate trust errors for DNS-named buckets #3812
Comments
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
{{ message }}
My UX with Cyberduck & Amazon S3 has suffered due to certificate trust errors that I finally [think I] got to the bottom of.
For each bucket that uses an FQDN as its name (e.g. media.samj.net) rather than a bare token (e.g. digitalcourier) Cyberduck wants to connect to fqdn.s3.amazonaws.com (e.g. media.samj.net.s3.amazonaws.com) which fails certificate verification even though a *.s3.amazonaws.com wildcard certificate is in place.
I have a feeling this may be the correct behaviour (e.g. .example.com should match a.example.com but not a.b.c.example.com) but it is rather annoying as it's not obvious that you have to expand for details and check 'Always trust ".s3.amazonaws.com" when connecting to "fqdn.s3.amazonaws.com"'.
Refer also to #2938 - created a new ticket more for SEO than anything else.
The text was updated successfully, but these errors were encountered: