HTTPS connection to ONTAP S3 server fails with "Connection was closed before we received a valid response from endpoint URL"
Applies to
- ONTAP S3
- SSL certificates
Issue
- When trying to connect to ONTAP S3 server using
awscli, the connection fails with:
Connection was closed before we received a valid response from endpoint URL: "https://s3_svm.example.com/".- Curl output:
# curl -I https://s3_svm.example.com -v* About to connect() to s3_svm.example.com port 443 (#0)
* Trying 192.168.0.1...
* Connected to s3_svm.example.com (192.168.0.1) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* NSS error -5978 (PR_NOT_CONNECTED_ERROR)
* Network file descriptor is not connected
* Closing connection 0
curl: (35) Network file descriptor is not connected
- OpenSSL client output:
# openssl s_client -connect s3_svm.example.com:443 -tls1_2 -status -msg -debug -showcerts -tlsextdebug -prexit -state
CONNECTED(00000003)
SSL_connect:before/connect initialization
>>> ??? [length 0005]
16 03 01 01 25
write to 0x7f9580 [0x8030b3] (298 bytes => 298 (0x12A))
... ..........
>>> TLS 1.2 Handshake [length 0125], ClientHello
...
SSL_connect:SSLv3 write client hello A
read from 0x7f9580 [0x7feb63] (5 bytes => -1 (0xFFFFFFFFFFFFFFFF))
SSL_connect:error in SSLv3 read server hello A
write:errno=104
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 0 bytes
---