chrislewisdev

Reputation: 556

S3-php5-curl on AWS EC2 instance - requested domain name does not match the server's certificate

I am using s3-php5-curl to access my AWS S3 bucket.

The getBucket() function works fine and retrieves a result when I host the PHP app myself, but when I put the exact same code onto an AWS EC2 instance (default AMI - Linux, Apache, PHP), I get the following error:

Warning: S3::getBucket(): [51] Unable to communicate securely with peer: requested domain name does not match the server's certificate. In /var/www/html/s3-php5-curl/S3.php on line 136

Warning: Invalid argument supplied for foreach() in /var/www/html/index.php on line 15

I can't make sense of it. What does it mean and how can I resolve it?

EDIT: I did mark this as answered but I was wrong. I have linked to what the underlying problem seems to be, irrespective of whether you use the Amazon SDK or the php5-curl library. There seems to be a general problem, relating to SSL certification, affecting EC2 users in some regions who try to programmatically access their S3 buckets where the bucket name includes a full stop (aka period). It has been documented but lies unresolved here.

Upvotes: 5

Views: 10402

Answers (3)

Ardy Dedase

Reputation: 1088

Try using AWS SDK for PHP 1.5.5 and make sure that you specify your region and set path_style to true. For me I'm in Singapore so my code will be:

 $s3 = new AmazonS3();
 $s3->set_region(AmazonS3::REGION_APAC_SE1);
 $s3->path_style = true;

This seems to work for me.

Hope it helps!

Cheers, Ardy

Upvotes: 4

Panagiotis Moustafellos

Reputation: 1013

You can always instruct CURL not to check for a valid SSL certificate by editing s3-php5-curl/S3.php changing lines 1298-1299 to:

curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);

This is necessary for buckets that are of x.z.s3.amazonaws.com type. As pointed out by datasage in the comments above, the wildcard SSL cert of *.s3.amazonaws.com does not cover those.

Upvotes: 2
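
The wildcard mismatch discussed in these answers, as an added example (not code from s3-php5-curl, the AWS SDK or any answer): it applies the one-label wildcard rule to a plain and a dotted bucket name and falls back to a path-style URL so certificate verification can stay enabled. certNameMatches() and s3Url() are hypothetical helpers and the bucket names and key are constructed; it assumes the endpoint's certificate also lists the bare endpoint name and that the endpoint accepts path-style requests, as the path_style setting in the first answer implies.

```php
<?php
// Added example: hostname matching for S3 bucket URLs (helper names are hypothetical).

/**
 * Match a hostname against a certificate name pattern (RFC 6125 style):
 * "*" is honoured only as the whole left-most label and covers exactly one label.
 */
function certNameMatches(string $pattern, string $host): bool
{
    $p = explode('.', strtolower($pattern));
    $h = explode('.', strtolower($host));
    if (count($p) !== count($h)) {
        return false;               // "*" never spans a dot
    }
    foreach ($p as $i => $label) {
        if ($i === 0 && $label === '*') {
            if ($h[0] === '') {
                return false;       // wildcard must stand for a non-empty label
            }
            continue;
        }
        if ($label !== $h[$i]) {
            return false;
        }
    }
    return true;
}

/** Virtual-hosted URL when the wildcard covers the bucket host, otherwise path-style. */
function s3Url(string $bucket, string $key, string $endpoint = 's3.amazonaws.com'): string
{
    $vhost = $bucket . '.' . $endpoint;
    $path  = implode('/', array_map('rawurlencode', explode('/', $key)));
    if (certNameMatches('*.' . $endpoint, $vhost)) {
        return "https://$vhost/$path";
    }
    // Assumption: the certificate also names the bare endpoint, so this host verifies.
    return "https://$endpoint/" . rawurlencode($bucket) . "/$path";
}

// Constructed sample bucket names: one without a dot, one with.
foreach (['mybucket', 'my.bucket'] as $bucket) {
    $vhost = "$bucket.s3.amazonaws.com";
    $ok    = certNameMatches('*.s3.amazonaws.com', $vhost) ? 'match' : 'MISMATCH';
    printf("%-26s %-9s %s\n", $vhost, $ok, s3Url($bucket, 'reports/q1 2013.csv'));
}
// mybucket.s3.amazonaws.com  match     https://mybucket.s3.amazonaws.com/reports/q1%202013.csv
// my.bucket.s3.amazonaws.com MISMATCH  https://s3.amazonaws.com/my.bucket/reports/q1%202013.csv
```

With the path-style URL the request can keep CURLOPT_SSL_VERIFYPEER set to true and CURLOPT_SSL_VERIFYHOST set to 2; buckets outside the default region need that region's endpoint passed as the third argument.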

datasage

Reputation: 19573

Unable to communicate securely with peer: requested domain name does not match the server's certificate.

This error occurs when CURL tries to verify the certificate. While you can disable this setting with curl options, why the certificate name mismatch exists.

It looks like the library you have is somewhat dated, you may want to consider using this: http://aws.amazon.com/sdkforphp/

Upvotes: 2
