#1 December 12, 2018 10:59am

doon.mok
Member
Registered: May 6, 2015
Posts: 144

Cloud Storage - Amazon S3

I upgraded to 4.3.2 and tried connecting to Amazon S3 but I keep on getting secret/key invalid. I know the secret/key are correct as I am using them on my live website(Bigtree 4.2.24). I checked S3 and we are using the right region.

Any ideas why it wouldn't connect?
Thanks

Offline

#2 December 13, 2018 5:10pm

timbuckingham
Administrator
From: Baltimore, MD
Registered: April 2, 2012
Posts: 978

Re: Cloud Storage - Amazon S3

Is there a specific environment you're using you're trying to secret / key in (local, live, dev, etc)? It's possible that the AWS library in your vendor folder is out of date and that's causing issues. You could try running "composer update" and see if that fixes it.

Offline

#3 December 14, 2018 10:32am

doon.mok
Member
Registered: May 6, 2015
Posts: 144

Re: Cloud Storage - Amazon S3

Hey Tim,

This is my local using MAMP. I did a composer update and it updated aws to  3.81.5

Loading composer repositories with package information
Updating dependencies (including require-dev)
Package operations: 0 installs, 1 update, 0 removals
  - Updating aws/aws-sdk-php (3.81.3 => 3.81.5): Downloading (100%)
Writing lock file
Generating autoload files

I also did a clean install of BigTree and same issue.
Any other ideas?
Thanks

Offline

#4 December 14, 2018 1:51pm

timbuckingham
Administrator
From: Baltimore, MD
Registered: April 2, 2012
Posts: 978

Re: Cloud Storage - Amazon S3

That's really strange. I tested in my local BigTree 4.3 install with your secret / key (from the live site) and it connected without any issues.

I think we'll need to dump the actual error being returned (which is hopefully informative). Can you modify line 14 of /core/admin/modules/developer/cloud-storage/amazon/update.php to add:

print_r($cloud->Errors);
die();

And then tell me what the error message says?

Offline

#5 December 14, 2018 2:23pm

doon.mok
Member
Registered: May 6, 2015
Posts: 144

Re: Cloud Storage - Amazon S3

Tim,

This is the error:

Array ( [0] => Error executing "ListBuckets" on "https://s3.amazonaws.com/"; AWS HTTP error: cURL error 60: SSL certificate problem: unable to get local issuer certificate (see http://curl.haxx.se/libcurl/c/libcurl-errors.html) )

Offline

#6 December 14, 2018 2:26pm

timbuckingham
Administrator
From: Baltimore, MD
Registered: April 2, 2012
Posts: 978

Re: Cloud Storage - Amazon S3

Thanks! It looks like this is due to your local system using an old certificate authority bundle for cURL calls. It looks like there's an option for specifying one in the AWS SDK so I'm going to see if we can specify the one bundled with BigTree. I'll let you know when I have more info!

Offline

#7 December 14, 2018 2:30pm

doon.mok
Member
Registered: May 6, 2015
Posts: 144

Re: Cloud Storage - Amazon S3

Thanks Tim!!!

Offline

#8 December 20, 2018 5:21pm

timbuckingham
Administrator
From: Baltimore, MD
Registered: April 2, 2012
Posts: 978

Re: Cloud Storage - Amazon S3

I've pushed a commit that should now use BigTree's local CA Cert bundle when calling S3 / CloudFront:
https://github.com/bigtreecms/BigTree-C … 0c2dcb2d8e

Offline

#9 April 30, 2021 8:47pm

jefftml
Member
Registered: December 10, 2015
Posts: 3

Re: Cloud Storage - Amazon S3

For some reason, I had to rename the cache/bigtree-ca-cert.pem file to something different to get mine working again, no clue why it stopped working at some time. Otherwise, I was getting an error (after changing the amazon cloud update php file to spit it out)
Array ( [0] => Error executing "ListBuckets" on "https://s3.amazonaws.com/"; AWS HTTP error: cURL error 77: (see http://curl.haxx.se/libcurl/c/libcurl-errors.html) )

Offline

#10 April 30, 2021 8:50pm

timbuckingham
Administrator
From: Baltimore, MD
Registered: April 2, 2012
Posts: 978

Re: Cloud Storage - Amazon S3

I believe BigTree 4.4.13 released a fix for that issue. The root cause of it was that the URL where BigTree was downloading the certificate bundle from changed -- it was providing a 301 response but the cURL request wasn't following the redirect to the new URL. That led to all future cURL requests failing after the bundle was corrupted.

Offline

Board footer

Powered by FluxBB

The Discussion Forum is not available on displays of this size.