S3 not connecting on two servers

Hello everybody.

I’m having trouble connecting to S3. Same problem on two servers using two AWS accounts. Credentials are known to work, I use them with other services.

> hostname 'box.MYDOMAIN.s3.us-east-2.amazonaws.com' doesn't match either of '*.s3.us-east-2.amazonaws.com', 's3.us-east-2.amazonaws.com', '*.s3-us-east-2.amazonaws.com', 's3-us-east-2.amazonaws.com', '*.s3.dualstack.us-east-2.amazonaws.com', 's3.dualstack.us-east-2.amazonaws.com', '*.s3.amazonaws.com', '*.s3-control.us-east-2.amazonaws.com', 's3-control.us-east-2.amazonaws.com', '*.s3-control.dualstack.us-east-2.amazonaws.com', 's3-control.dualstack.us-east-2.amazonaws.com'

This is for Ohio. I’ve tried creating new buckets in different locations, too. I’ve tried using folders and root folder in bucket. I’ve tried changing bucketnames. And have tried disabling firewall

Vanilla installs running .40 (backing up to upgrade)

S3 Path prompts for ‘bucket name’ and directory … are you sure that you have entered the information correctly?

my buckets are named after the domain box.MYDOMAIN.net

I’ve tried entering: box.MYDOMAIN.net
then created a folder called backups and tried box.MYDOMAIN.net/backups

Uppercase characters and . (dots) can’t be used (or at least not recommended) to name your bucket … Try with bucket named as box-mydomain-net or boxmydomainnet

I ran into this same exact problem. I had named my bucket using box.<domain>.nyc3.digitaloceanspaces.com, which was a valid bucket name for DigitalOcean, but Mail-in-a-Box refused to use that bucket name and even went so far to say that it wasn’t the correct hostname (which it was). I ended up using a bucket named <domain>-box.nyc3.digitaloceanspaces.com, but it felt kind of sloppy and inconsistent with the existing nomenclature I use on DigitalOcean.

It would be nice if Mail-in-a-Box supported valid bucket names with dots in them since at least some S3 providers do, in fact, support this. And if for some arcane reason it isn’t possible for Mail-in-a-Box to support valid bucket names with dots in them, it would be nice if the error message said as much, rather than making an incorrect statement that the hostname doesn’t match a pattern that it very much does match.

There’s an open issue on this. It’s been open for over five years.

This is from AWS, and could be the reason why bucket with period don’t work.

For best compatibility, we recommend that you avoid using dots (.) in bucket names, except for buckets that are used only for static website hosting. If you include dots in a bucket’s name, you can’t use virtual-host-style addressing over HTTPS, unless you perform your own certificate validation. This is because the security certificates used for virtual hosting of buckets don’t work for buckets with dots in their names is not recommended.

This limitation doesn’t affect buckets used for static website hosting, because static website hosting is only available over HTTP. For more information about virtual-host-style addressing, see Virtual hosting of buckets. For more information about static website hosting, see Hosting a static website using Amazon S3.

Considering the limitation of not using dots is a recommendation on the part of AWS and not a hard requirement, shouldn’t MiaB defer to the administrator’s decision on whether or not to follow AWS’ advice? The MiaB interface could show a warning message about the incompatibility with TLS, but failing with an inaccurate error message just seems like an especially unhelpful way of handling the problem.

It will remain that way until someone submits a PR. Since this is an open source project, issues only get fixed when someone volunteers to fix the issue.

I mean, I can take a poke at it myself…

1 Like

As far as I can tell, the behavior is actually upstream, via the library “Boto”:

I’ll have to keep digging to see where the actual error message comes from, but I have some other things on my plate at the moment…

1 Like

Maybe it makes sense to follow the recommendation and not allow dots, but then to make sure that is noted somewhere obvious and change the error message to explain it.

1 Like