docker-backup-database icon indicating copy to clipboard operation
docker-backup-database copied to clipboard

Published 20 hours ago verified publisher icon appleboy

Cannot connect to S3 endpoint: x509 certificate signed by unknown authority

Open jacksgt opened this issue 3 years ago • 4 comments
trafficstars

Hello,

first of all thank you for this nice tool. It seems very well put together.

I wanted to use it to backup my MySQL database to Backblaze B2 (s3-compatible object storage) with the appleboy/docker-backup-database:mysql-5.7 image. However, when I'm setting STORAGE_ENDPOINT=https://s3.us-west-001.backblazeb2.com/, I get the following error message:

2022/02/05 21:17:17 bucket not exist or you don't have permission: Head "https://s3.us-west-001.backblazeb2.com/my-bucket/": x509: certificate signed by unknown authority

This is strange because when you open https://s3.us-west-001.backblazeb2.com/ in the browser, the certificate is valid. In addition, I tried to reproduce the error with curl, but with curl I don't get the error:

$ podman run --rm -it --entrypoint /bin/bash docker.io/appleboy/docker-backup-database:mysql-5.7
$ apt update; apt install -y curl
$ curl -I https://s3.us-west-001.backblazeb2.com/my-bucket/
HTTP/1.1 403 
x-amz-request-id: d22f37c8610a17db
x-amz-id-2: adaZu7mv4bvxvtHftbno=
Cache-Control: max-age=0, no-cache, no-store
Content-Type: application/xml
Content-Length: 180
Date: Sat, 05 Feb 2022 21:26:37 GMT

Do you have any clue what could be the issue here?

jacksgt avatar Feb 05 '22 21:02 jacksgt

I will take it.

appleboy avatar May 04 '22 09:05 appleboy

I have the same issue. Hope @appleboy help to fix this.

cobenash avatar Jun 21 '22 06:06 cobenash

@cobenash Please post your config and show the s3 information like AWS or Minio.

appleboy avatar Jun 21 '22 08:06 appleboy

@appleboy Thanks.

Here is my configuration as follows.

backup_mysql:
    image: appleboy/docker-backup-database:mysql-5.7
    networks:
      - ReverseProxy
    logging:
      options:
        max-size: "100k"
        max-file: "3"
    environment:
      STORAGE_DRIVER: s3
      STORAGE_ENDPOINT: s3.amazonaws.com
      STORAGE_BUCKET: mybucket-db-backup
      STORAGE_REGION: ap-southeast-1
      STORAGE_PATH: backup_bookstack
      STORAGE_SSL: "true"
      STORAGE_INSECURE_SKIP_VERIFY: "false"
      ACCESS_KEY_ID: ${ACCESS_KEY_ID}
      SECRET_ACCESS_KEY: ${SECRET_ACCESS_KEY}

      DATABASE_DRIVER: mysql
      DATABASE_HOST: bookstack_db:3306
      DATABASE_USERNAME: bookstack
      DATABASE_PASSWORD: test@sql13
      DATABASE_NAME: bookstackapp
      DATABASE_OPTS:

      TIME_SCHEDULE: "0 2 * * *"
      TIME_LOCATION: Asia/Taipei
    links:
      - bookstack_db

I've got the same error as @jacksgt can't backup database: bucket not exist or you don't have permission: Head "https://mybucket-db-backup.s3.dualstack.ap-southeast-1.amazonaws.com/": x509: certificate signed by unknown authority

cobenash avatar Jun 21 '22 16:06 cobenash