Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Amazon S3 issues getting SSL to work with c# sdk

I'm using the Amazon AWS .NET SDK v1.2.1.

The following code throws an exception after failing a DNS lookup for myBucket.more.https which is clearly not what it should be looking for...

AmazonS3Config S3Config = new AmazonS3Config()
{
    ServiceURL = "https://s3.amazonaws.com",
    CommunicationProtocol = Amazon.S3.Model.Protocol.HTTPS,
};

using (AmazonS3 client = Amazon.AWSClientFactory.CreateAmazonS3Client(accessKey,secretKey, S3Config))
{
    PutObjectRequest request = new PutObjectRequest();

    using (MemoryStream ms = new MemoryStream(inputBytes))
    {
        request.WithBucketName("myBucket.more")
                .WithKey(output.Name)
                .WithInputStream(ms);

        using (S3Response response = client.PutObject(request))
        {
                        Log.Message("File Sent: " + output.Name);
        }
    }
}

If I remove the https:// from the front of the ServiceURL it throws a web exception with:

"The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel."

So how am I suppose to get SSL working?

The only way I've managed so far is with the following, which is not secure:

AmazonS3Config S3Config = new AmazonS3Config()
{
    ServiceURL = "s3.amazonaws.com",
    CommunicationProtocol = Amazon.S3.Model.Protocol.HTTP,
};

UPDATE

If I don't pass a custom S3Config to CreateAmazonS3Client, it is still failing with:

"The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel."

"The remote certificate is invalid according to the validation procedure."

like image 412
Tim Avatar asked Jan 27 '11 15:01

Tim


1 Answers

The ServiceUrl should be S3.amazonaws.com without the https:// in front. That is the default setting as is HTTPS for the Communication protocol. That's why you get the same error when you don't set the settings manually.

Update

EU buckets cannot contain periods(.) in the name if you want to use HTTPS.

like image 156
Geoff Appleford Avatar answered Nov 18 '22 05:11

Geoff Appleford