Aws-sdk-android: Certificate Error for the preSighnedURL
Hi,
Amazon S3 SDK (v2.1.4) is successfully providing signed URL
URL url = sS3Client.generatePresignedUrl("<BUCKET_NAME>", "<FILENAME>", nowPlus10Minutes.getTime());
But when I use that URL to fetch the image through HTTPURLConnection there is an security error for certificate. _(FYI I am using picasso for downloading the image, that's where HTTPURLConnectionc comes in scene)_
And when I try the URL in chrome I had the same problem
Server could not prove that its security certificate from *.s3.amazon.com
Altough in browser one can add the hosts in exception and by doing that I am able to download the Image through chrome.
Please let me know why this is happening, Am I missing someting ?
Thanks
Rahul
rahulgautam
All 8 comments
For refrence this my code snippet
Picasso.Builder builder = new Picasso.Builder(this);
Picasso picasso = builder.downloader(new OkHttpDownloader(this) {
@Override
protected HttpURLConnection openConnection(Uri uri) throws IOException {
// get bucket name and filename (key) from uri (https://s3.amazonaws.com/BUCKET_NAME/FILENAME.JPG)
String BUCKET_NAME;
URL url = sS3Client.generatePresignedUrl("<BUCKET_NAME>", "<FILENAME>", nowPlus10Minutes.getTime());
HttpURLConnection connection =null;
try {
connection = super.openConnection(Uri.parse(url.toString()));
Log.v(" === connection.getURL()", connection.getURL().toString());
}
catch (Exception e){
Log.v( "Exception occured ", "picasso openConnection");
}
return connection;
}
}).build();
picasso.setLoggingEnabled(true);
picasso.load("https://s3.amazonaws.com/BUCKET_NAME/FILENAME.JPG").into(imageView,new Callback() {
@Override
public void onSuccess() {
Log.v("-------","success");
}
@Override
public void onError() {
Log.v("--------","error");
}
});
Appriciate any help,
Thanks
cc @Synderesis @wdane
rahulgautam
on 31 Oct 2014
I'm sorry your having trouble rahulgautam. Unfortunately I cannot seem to reproduce the issue. I've tried generating a pre-signed URL and the image opens fine in Firefox/Chrome/Safari as well as on the emulator browser and I am also able to download it fine. The code I used to test is below. Let me know if you can't get this to work for you.
class testPresignedURL extends AsyncTask
@Override
protected Void doInBackground(Void... params) {
Calendar tomorrow = Calendar.getInstance();
tomorrow.add(Calendar.HOUR, 24);
Date td = tomorrow.getTime();
URL url = s3Client.generatePresignedUrl(YOUR_BUCKET, YOUR_IMAGE, td);
Log.d(TAG,"URL is: "+url.toString());
//Uncomment code below to see in phone's browser
// Intent browserIntent = new Intent(Intent.ACTION_VIEW, Uri.parse(url.toString()));
// startActivity(browserIntent);
File storagePath = new File(Environment
.getExternalStorageDirectory()
+ "/testpresignedurl/images/");
storagePath.mkdirs();
File file = new File(storagePath, YOUR_FILE);
HttpURLConnection urlConnection;
try {
urlConnection = (HttpURLConnection) url.openConnection();
urlConnection.setRequestMethod("GET");
urlConnection.connect();
FileOutputStream fileOutput = new FileOutputStream(file);
InputStream inputStream = urlConnection.getInputStream();
int downloadedSize = 0;
byte[] buffer = new byte[1024];
int bufferLength = 0;
while ((bufferLength = inputStream.read(buffer)) > 0) {
fileOutput.write(buffer, 0, bufferLength);
downloadedSize += bufferLength;
Log.d(TAG,"downloaded chunk total: "+downloadedSize);
}
fileOutput.close();
} catch (IOException e) {
e.printStackTrace();
}
return null;
}
}
Weston
wdane
on 31 Oct 2014
Hi @wdane,
Thanks for reply and code-snippet,
When I open the URL generated by presignedURL, same thing happened.
Although image gets download through asynctask (code snippet you provide).
Now a days there is new issue with SSL (poodle etc), is something related to this, because I still have not figure out what causing this behaviour.
rahulgautam
on 4 Nov 2014
Can you show is what the actual URL is? Also what is your development environment like? If you are using a packet sniffer that could cause issues.
Have you tried accessing the URL from a different device? Maybe on a different network? That might help narrow down the source of the issue
richardfung
on 4 Nov 2014
This could be because you have . (dot) as part of the bucket name. One of the advices is to use '-' instead of '.' in S3 bucket names that will be accessed via HTTPS.
SoMCUSDev
on 7 Nov 2014
Yes I do have . (dot) as part of bucket name, I could not share the exact URL but this is how it looks
https://my.bucket.name.s3.amazonaws.com/0076bb56-32qc-11d4-90da-0ac2f0fa92c6_1410249846.047449.JPG?AWSAccessKeyId=ACCESS93NPP3OW4IQWER&Expires=1414587123&Signature=byIJwcjtcZ9bW%2F2O8i%2FdsprvsOM%3D
I am not using any packet sniffer, development enviourment is Mac OS X Yosemite and private optical network infrastructure.
rahulgautam
on 7 Nov 2014
Hi @SoMCUSDev Thanks for your help man, removing . from my bucket name worked for me.
AWS Console should mention this information when a user creates a bucket. that would save all this trouble to users.
Thanks guys for all your help
rahulgautam
on 7 Nov 2014
Thanks Rahulgautam, let us know if you have any further issues!
wdane
on 11 Nov 2014
Related issues
amadeu01
路
3Comments
mbk820
路
4Comments
nsadiq-radpits
路
3Comments
bobguy1234
路
3Comments
yoshka88
路
3Comments
Most helpful comment
This could be because you have
.(dot) as part of the bucket name. One of the advices is to use '-' instead of '.' in S3 bucket names that will be accessed via HTTPS.