Problem accessing buckets with a dot in the bucket name

Mar 3, 2008 at 10:54 AM
If I have a bucket called something.something with a period/dot in the bucket name, with other software I have been able to create the bucket, upload files and S3 successfully allows me to access the files via a web browser with that bucket name.

However whenever I call a bucket with a dot in it using ThreeSharp I get the following response

"The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel."

Do you have any thoughts as to what could be causing it? I'm using config.Format = CallingFormat.SUBDOMAIN; because the data is in the EU datacentre so CallingFormat.REGULAR isn't an option.
Mar 20, 2008 at 7:25 PM
Ditto here. I usually name my buckets like this:

mybucket.mydomain.com

So the period bug poses an issue. If anyone has a fix please post.
Mar 20, 2008 at 7:43 PM
I found one way to work around it for now.

In the FormSample project, ThreeSharpFormSample class, the calling format is set to CallingFormat.SUBDOMAIN for compatibility with EU buckets it looks like.

config.Format = CallingFormat.SUBDOMAIN;

I'm in the US, and I changed the line to:

config.Format = CallingFormat.REGULAR;

Now it works, though it should work with SUBDOMAIN also. Not sure why the dots are giving it issues.
Sep 5, 2008 at 10:49 AM
I get the same problem.
But I am using an EU bucket. SO if somebody could help.
For now I'll just work with no points in the name
May 15, 2009 at 12:14 PM
Edited May 15, 2009 at 12:15 PM

This is a known issue.  Here's what Amazon had to say about it a year ago:

http://developer.amazonwebservices.com/connect/thread.jspa?threadID=18498&tstart=0

The public key certificate used to validate secure HTTP ( https://
virtual-hosted style requests to resources (<yourbucket>.s3.amazonaws.com) 
will only be acceptable to client web browsers (and most code libraries) 
when <yourbucket> contains no periods. 

Our certificate is (purposefully) only authoritative for virtual hosts that 
are a single level removed from "s3.amazonaws.com". The interpretation of 
another dot as another level in the domain hierarchy is expected, and 
indicates that our certificate is not authoritative. 

 

The upshot of the above is that AWS will throw cert validation errors for any bucket names with periods.  Our only option is to simply eat these errors and carry on our merry way.

Here's how to do that.  In ThreeSharpQuery.cs, place this method in the class somewhere:

 

public bool TrustAllCertificateValidation(Object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors Errors)
{
	return true;
}

And inside of Invoke<T>(Request request), place this line near the top:

ServicePointManager.ServerCertificateValidationCallback = new RemoteCertificateValidationCallback(TrustAllCertificateValidation);



Extra credit for sniffing whether you're looking at an EU bucket before doing the above and simply flipping over to CallingFormat.REGULAR if it's in the US.

Good luck!