search

aws / aws-tools-for-powershell

The AWS Tools for PowerShell lets developers and administrators manage their AWS services from the PowerShell scripting environment.
Apache License 2.0
236 stars 78 forks source link

Unable to access S3 buckets with custom url without valid SSL Cert #89

Closed pyashish closed 2 years ago

pyashish commented 4 years ago

Unable to access a s3 bucket behind an Server without valid SSL cert check.

I have a custom server hosting/supporting a s3 protocol. I'm able to access the same with aws boto 3 python client. But not powershell. The below is the error I get the below error 

**Get-S3Bucket -ProfileName Cohesity -EndpointUrl "https://1.2.3.4:1337"  -Verbose
VERBOSE: Invoking Amazon S3 operation 'ListBuckets' on endpoint 'https://1.2.3.4:1337/s3-bucket'
Get-S3Bucket : The SSL connection could not be established, see inner exception.
At line:1 char:1
+ Get-S3Bucket -ProfileName Cohesity -EndpointUrl "https://1.2.3.4:1337 ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo          : InvalidOperation: (Amazon.PowerShell.C\u20263.GetS3BucketCmdlet:GetS3BucketCmdlet) [Get-S3Bucket], InvalidOperationException
+ FullyQualifiedErrorId : System.Net.Http.HttpRequestException,Amazon.PowerShell.Cmdlets.S3.GetS3BucketCmdlet**

I did try disabling the server cert validation check, but no luck :

[System.Net.ServicePointManager]::ServerCertificateValidationCallback = { $true }

Possible Solution

Support disabling server cert check.

matteo-prosperi commented 4 years ago

Thanks for opening this issue. Marking this as a feature request. I am not sure that supporting custom S3 protocol implementations is in the scope of the AWS Tools for PowerShell, but we will keep this request into consideration.

pyashish commented 4 years ago

Hey @matteo-prosperi , thanks for the reply. Hmm, I believe this is not a custom protocol implementation. I'm trying something like this : https://wasabi-support.zendesk.com/hc/en-us/articles/360025512031-How-do-I-use-AWS-PowerShell-with-Wasabi-

In the above case wasabi server has trusted cert, it works perfectly. Is there a way to disable server ssl cert check while making call to a custom s3 endpoint.

aws python boto3 works perfectly fine with my endpoint. that is is ignoring SSL cert check while makeing http requests from that module.

github-actions[bot] commented 2 years ago

We have noticed this issue has not recieved attention in 1 year. We will close this issue for now. If you think this is in error, please feel free to comment and reopen the issue.