duplicity-team team mailing list archive

Thread
Date

[Question #674847]: Certificate Error when connecting to other-than-Virginia S3 endpoint

To: duplicity-team@xxxxxxxxxxxxxxxxxxx
From: Eric Christensen <question674847@xxxxxxxxxxxxxxxxxxxxx>
Date: Mon, 08 Oct 2018 12:37:47 -0000
Reply-to: question674847@xxxxxxxxxxxxxxxxxxxxx
Sender: bounces@xxxxxxxxxxxxx

New question #674847 on Duplicity:
https://answers.launchpad.net/duplicity/+question/674847

I'm trying to use a S3 bucket I created in the Ohio region for my off-site backup storage.  When connecting to the server, however, I get the following error:

CertificateError: hostname 's3-us-east-2.amazonaws.com.s3.amazonaws.com' doesn't match either of '*.s3.amazonaws.com', 's3.amazonaws.com'

(That is the address to the Ohio S3 endpoint[0], by the way.)

My first thought was that Amazon was somehow using a bad wildcard certificate at the endpoint which was causing the problem.  Upon further investigation, it appears that the certificate used is proper[1].  Does Duplicity use a stored certificate for verifying the connection?  Why would this error being happening?

[0] https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region
[1] https://www.ssllabs.com/ssltest/analyze.html?d=s3.us-east-2.amazonaws.com

-- 
You received this question notification because your team duplicity-team
is an answer contact for Duplicity.

Follow ups

Re: [Question #674847]: Certificate Error when connecting to other-than-Virginia S3 endpoint
From: edgar . soldin, 2018-10-08