[Cyberduck-trac] [Cyberduck] #7967: use s3.amazonaws.com instead <bucketname>.s3.amazonaws.com
Cyberduck
trac at trac.cyberduck.io
Tue May 20 23:45:50 UTC 2014
#7967: use s3.amazonaws.com instead <bucketname>.s3.amazonaws.com
-------------------------+---------------------
Reporter: scytacki | Owner: dkocher
Type: defect | Status: new
Priority: normal | Milestone:
Component: s3 | Version: 4.4.4
Severity: normal | Keywords:
Architecture: | Platform:
-------------------------+---------------------
I've run into the same s3 SSL certificate issue that has been reported
before and is documented in the wiki
https://trac.cyberduck.io/wiki/help/en/howto/s3#SSLcertificatetrustverification
It is common for users to put dots in the bucket name to support the S3
CNAME support.
A solution to this problem is for Cyberduck to use '''path-style'''
requests instead of '''virtual hosted-style''' requests. This page shows
the difference:
http://docs.aws.amazon.com/AmazonS3/latest/API/APIRest.html
That page also says the virtual-hosted style is recommended, which is
worrying.
However this page goes into much more detail and there is no indication
that the path-style is legacy:
http://docs.aws.amazon.com/AmazonS3/latest/dev/VirtualHosting.html
After reading these pages it seems very reasonable to use the path-style,
and then avoid the SSL issue when there are dots in the bucket name. I
thought perhaps I could make that happen by creating a connection with
"s3.amazonaws.com" for the hostname and a path of the bucket-name, this
does make a connection, but it still has the SSL error so it looks like
internally it is getting converted to the virtual host-style of "<bucket-
name>.s3.amazonaws.com"
--
Ticket URL: <https://trac.cyberduck.io/ticket/7967>
Cyberduck <http://cyberduck.io>
Libre FTP, SFTP, WebDAV, S3 & OpenStack Swift browser for Mac and Windows
More information about the Cyberduck-trac
mailing list