Skip to main content
NetApp Knowledge Base

HTTPS connection to ONTAP S3 server fails with "Connection was closed before we received a valid response from endpoint URL"

Views:
126
Visibility:
Public
Votes:
1
Category:
ontap-9
Specialty:
core
Last Updated:

Applies to

  • ONTAP S3
  • SSL certificates

Issue

  • When trying to connect to ONTAP S3 server using awscli, the connection fails with:
 
Connection was closed before we received a valid response from endpoint URL: "https://s3_svm.example.com/".
  • Curl output:
# curl -I https://s3_svm.example.com -v

* About to connect() to s3_svm.example.com port 443 (#0)
*   Trying 192.168.0.1...
* Connected to s3_svm.example.com (192.168.0.1) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* NSS error -5978 (PR_NOT_CONNECTED_ERROR)
* Network file descriptor is not connected
* Closing connection 0
curl: (35) Network file descriptor is not connected

  • OpenSSL client output:

# openssl s_client -connect s3_svm.example.com:443 -tls1_2 -status -msg -debug -showcerts -tlsextdebug -prexit -state

CONNECTED(00000003)
SSL_connect:before/connect initialization
>>> ??? [length 0005]
    16 03 01 01 25
write to 0x7f9580 [0x8030b3] (298 bytes => 298 (0x12A))
...                    ..........
>>> TLS 1.2 Handshake [length 0125], ClientHello
...
SSL_connect:SSLv3 write client hello A
read from 0x7f9580 [0x7feb63] (5 bytes => -1 (0xFFFFFFFFFFFFFFFF))
SSL_connect:error in SSLv3 read server hello A
write:errno=104
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 0 bytes
---

Scan to view the article on your device
CUSTOMER EXCLUSIVE CONTENT

Registered NetApp customers get unlimited access to our dynamic Knowledge Base.

New authoritative content is published and updated each day by our team of experts.

Current Customer or Partner?

Sign In for unlimited access

New to NetApp?

Learn more about our award-winning Support