[Cyberduck-trac] [Cyberduck] #9059: Certificate error with S3 upload to bucket named as FQDN host
Cyberduck
trac at trac.cyberduck.io
Fri Oct 16 22:11:04 UTC 2015
#9059: Certificate error with S3 upload to bucket named as FQDN host
-----------------------+----------------------------
Reporter: sylnsr | Owner:
Type: defect | Status: new
Priority: normal | Milestone:
Component: core | Version: 4.7.2
Severity: normal | Keywords: S3 certificate
Architecture: | Platform:
-----------------------+----------------------------
Steps to reproduce.
Create S3 bucket for a statically hosted site
(https://docs.aws.amazon.com/AmazonS3/latest/dev/website-hosting-custom-
domain-walkthrough.html)
Cyberduck for Windows 4.7.2:
Configure a bookmark to access the bucket and you'll get a warning
indicating that that the certificate is not valid and that "You might be
connecting to a servver that is pretending to be
<www.example.com>.s3.amazonaws.com" (where example.com is the bucket
named after your FQDN).
duck.sh for Linux 4.7.2:
Upload to the bucket and you will get a warning: The certificate for this
server is invalid. You might be connecting to a server that is pretending
to be “<www.example.com>.s3.amazonaws.com” which could put your
confidential information at risk. Would you like to connect to the server
anyway? (y/n):
... (where example.com is the bucket named after your FQDN)
In the case of the Windows Cyberduck UI one is given an option to click
the button "Show Certificate" which does indeed show the valid certificate
for *.s3.amazonaws.com
I don't experience this issue when uploading to buckets that do not match
the FQDN format.
--
Ticket URL: <https://trac.cyberduck.io/ticket/9059>
Cyberduck <https://cyberduck.io>
Libre FTP, SFTP, WebDAV, S3 & OpenStack Swift browser for Mac and Windows
More information about the Cyberduck-trac
mailing list