- Newest
- Most votes
- Most comments
The error message "Host name 'ace-photos-dev.s3.amazonaws.com' does not match the certificate subject provided by the peer (CN=*.s3.amazonaws.com)" may indicate that there is a may be a disconnect between the hostname you are using and the SSL certificate presented by the Amazon S3 service.
This may be because you are using a custom domain or hostname that does not match the SSL certificate's common name (CN) entries.
To resolve this issue, you may look into following options and try which meets your requirements.
-
Use the default S3 endpoint instead of a custom hostname: If you are accessing an S3 bucket, you can use the default S3 endpoint (for example, "bucket-name>.s3.amazonaws.com"). Since the SSL certificate for the default S3 endpoint is issued for "*.s3.amazonaws.com," hostname inconsistencies shouldn't occur.
-
Obtain a legitimate SSL certificate: If you must use a custom hostname, you should get a legitimate SSL certificate that corresponds to your custom domain or hostname. To provision a SSL certificate, you can either use a certificate issued by a reputable certificate authority (CA) or the AWS Certificate Manager (ACM) to provision a free SSL certificate..
-
Use AWS CloudFront as a content delivery network (CDN) if you wish to offer your S3 content through a custom domain. You can set up specific SSL certificates for your domain using CloudFront. You may prevent hostname mismatch problems in this method. (https://aws.amazon.com/cloudfront/custom-ssl-domains/)
Relevant content
- asked a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago