2.17.2008

"SSL Error: certificate verify failed" for Amazon S3 using s3sync

Amazon has changed their certificates for SSL access to the S3 service.  If you are receiving this error and you are using s3sync, you can look here for new certs for SSL access to S3.

Long term though, this is a problem with my (and possibly your) backup solution.  Look here for more info.  Specifically this bit:
The certificate chain supporting Amazon S3 SSL is an implementation detail of the system that may change from time to time. A robust application should not depend on the Amazon S3 SSL certificate being signed by a particular certification authority. However, you can depend on the fact that we will only use reputable CAs that are widely supported by existing user-agents. The easiest way to select root CAs to bundle with your application is to simply import the set from a modern web browser with a large market share.

2 comments:

Mark Smith said...

All versions of Java, up to and including 1.6.0u18, have the same problem.

mack said...

nothing ever stays the same forever in the online world does it!

I have a verisign SSL cert on our ecommerce site, so we are hopefully ok!

Cheers

Post a Comment