3

When we upload to a presigned url in AWS chrome gives the error net::ERR_INSECURE_RESPONSE and fails to upload

Improve this question

1 Answer 1

Reset to default
5

The error net::ERR_INSECURE_RESPONSE indicates that the url is using an untrusted certificate. This can happen if there is a . in your bucket name e.g. foo.bar. Amazon makes the upload url foo.bar.s3.amazonaws.com which does not match the certificate *.s3.amazonaws.com. This is how wildcard certificates work.

Fix

Change the bucket name to remove any .s e.g. foo-bar. The upload url will become like foo-bar.s3.amazonaws.com and that will match the s3 certificate *.s3.amazon.com.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

You're a little bit confused on one point: net::ERR_INSECURE_RESPONSE does not necessarily mean there's a self-signed certificate. It means the certificate is untrusted -- maybe because it is signed by an untrusted CA (including self-signed) -- but it also can mean the domain name does not match the cert. A * wildcard in a cert is not allowed to match a dot, therefore foo.bar.example.com does not match a cert for *.example.com yet foo-bar.example.com does. S3 does not return a different cert, and this issue is a limitation in the design of SSL certs, not a limitation of S3.
@Michael-sqlbot thanks a ton. Definitely helps clear my confusion. Updated the answer accordingly.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.