[GH-ISSUE #837] Unable to connect error which nearly freezes MacOS #484

New issue

Closed

opened 2026-03-04 01:46:01 +03:00 by kerem · 5 comments

kerem commented 2026-03-04 01:46:01 +03:00

Owner

Copy link

Originally created by @olalonde on GitHub (Oct 11, 2018).
Original GitHub issue: https://github.com/s3fs-fuse/s3fs-fuse/issues/837

Additional Information

The following information is very important in order to help us to help you. Omission of the following details may delay your support request or receive no attention at all.
Keep in mind that the commands we provide to retrieve information are oriented to GNU/Linux Distributions, so you could need to use others if you use s3fs on MacOS or BSD

Version of s3fs being used (s3fs --version)

V1.84(commit:unknown)

Version of fuse being used (pkg-config --modversion fuse, rpm -qi fuse, dpkg -s fuse)

17.5.0

Kernel information (uname -r)

command result: uname -r

GNU/Linux Distribution, if applicable (cat /etc/os-release)

MacOS 10.13.4

s3fs command line used, if applicable

s3fs archive.mydomain.com ~/archive.mydomain.com -o passwd_file=$HOME/.passwd-s3fs -o dbglevel=info -f -o curldbg

/etc/fstab entry, if applicable

Details about issue

~$ s3fs archive.mydomain.com ~/archive.syskall.com -o passwd_file=$HOME/.passwd-s3fs -o dbglevel=info -f -o curldbg
[CRT] s3fs.cpp:set_s3fs_log_level(273): change debug level from [CRT] to [INF]
[INF]     s3fs.cpp:set_mountpoint_attribute(4180): PROC(uid=501, gid=20) - MountPoint(uid=501, gid=20, mode=40755)
[INF] s3fs.cpp:s3fs_init(3379): init v1.84(commit:unknown) with GnuTLS(gcrypt)
[INF] s3fs.cpp:s3fs_check_service(3721): check services.
[INF]       curl.cpp:CheckBucket(3076): check a bucket.
[INF]       curl.cpp:prepare_url(4265): URL is https://s3.amazonaws.com/archive.mydomain.com/
[INF]       curl.cpp:prepare_url(4297): URL changed is https://archive.mydomain.com.s3.amazonaws.com/
[INF]       curl.cpp:insertV4Headers(2408): computing signature [GET] [/] [] []
[INF]       curl.cpp:url_to_host(101): url is https://s3.amazonaws.com
*   Trying 54.231.49.80...
* TCP_NODELAY set
* Connected to archive.mydomain.com.s3.amazonaws.com (54.231.49.80) port 443 (#0)
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/cert.pem
  CApath: none
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server did not agree to a protocol
* Server certificate:
*  subject: C=US; ST=Washington; L=Seattle; O=Amazon.com Inc.; CN=*.s3.amazonaws.com
*  start date: Sep 22 00:00:00 2017 GMT
*  expire date: Jan  3 12:00:00 2019 GMT
*  subjectAltName does not match archive.mydomain.com.s3.amazonaws.com
* SSL: no alternative certificate subject name matches target host name 'archive.mydomain.com.s3.amazonaws.com'
* stopped the pause stream!
* Closing connection 0
[ERR] curl.cpp:RequestPerform(2197): ###curlCode: 51  msg: SSL peer certificate or SSH remote key was not OK
[ERR] curl.cpp:CheckBucket(3104): Check bucket failed, S3 response:
[CRT] s3fs.cpp:s3fs_check_service(3787): unable to connect(host=https://s3.amazonaws.com) - result of checking service.
[ERR] s3fs.cpp:s3fs_exit_fuseloop(3369): Exiting FUSE event loop due to errors

After the last log line, s3fs freezes for a few minutes and I'm unable to kill it manually. My Mac also becomes very slow. Not sure if relevant but I'm using a VPN. I can manually connect to the s3 bucket using those credentials in Cyberduck.

Originally created by @olalonde on GitHub (Oct 11, 2018). Original GitHub issue: https://github.com/s3fs-fuse/s3fs-fuse/issues/837 ### Additional Information _The following information is very important in order to help us to help you. Omission of the following details may delay your support request or receive no attention at all._ _Keep in mind that the commands we provide to retrieve information are oriented to GNU/Linux Distributions, so you could need to use others if you use s3fs on MacOS or BSD_ #### Version of s3fs being used (s3fs --version) V1.84(commit:unknown) #### Version of fuse being used (pkg-config --modversion fuse, rpm -qi fuse, dpkg -s fuse) 17.5.0 #### Kernel information (uname -r) _command result: uname -r_ #### GNU/Linux Distribution, if applicable (cat /etc/os-release) MacOS 10.13.4 #### s3fs command line used, if applicable ``` s3fs archive.mydomain.com ~/archive.mydomain.com -o passwd_file=$HOME/.passwd-s3fs -o dbglevel=info -f -o curldbg ``` #### /etc/fstab entry, if applicable ``` ``` ### Details about issue ``` ~$ s3fs archive.mydomain.com ~/archive.syskall.com -o passwd_file=$HOME/.passwd-s3fs -o dbglevel=info -f -o curldbg [CRT] s3fs.cpp:set_s3fs_log_level(273): change debug level from [CRT] to [INF] [INF] s3fs.cpp:set_mountpoint_attribute(4180): PROC(uid=501, gid=20) - MountPoint(uid=501, gid=20, mode=40755) [INF] s3fs.cpp:s3fs_init(3379): init v1.84(commit:unknown) with GnuTLS(gcrypt) [INF] s3fs.cpp:s3fs_check_service(3721): check services. [INF] curl.cpp:CheckBucket(3076): check a bucket. [INF] curl.cpp:prepare_url(4265): URL is https://s3.amazonaws.com/archive.mydomain.com/ [INF] curl.cpp:prepare_url(4297): URL changed is https://archive.mydomain.com.s3.amazonaws.com/ [INF] curl.cpp:insertV4Headers(2408): computing signature [GET] [/] [] [] [INF] curl.cpp:url_to_host(101): url is https://s3.amazonaws.com * Trying 54.231.49.80... * TCP_NODELAY set * Connected to archive.mydomain.com.s3.amazonaws.com (54.231.49.80) port 443 (#0) * ALPN, offering http/1.1 * Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH * successfully set certificate verify locations: * CAfile: /etc/ssl/cert.pem CApath: none * SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256 * ALPN, server did not agree to a protocol * Server certificate: * subject: C=US; ST=Washington; L=Seattle; O=Amazon.com Inc.; CN=*.s3.amazonaws.com * start date: Sep 22 00:00:00 2017 GMT * expire date: Jan 3 12:00:00 2019 GMT * subjectAltName does not match archive.mydomain.com.s3.amazonaws.com * SSL: no alternative certificate subject name matches target host name 'archive.mydomain.com.s3.amazonaws.com' * stopped the pause stream! * Closing connection 0 [ERR] curl.cpp:RequestPerform(2197): ###curlCode: 51 msg: SSL peer certificate or SSH remote key was not OK [ERR] curl.cpp:CheckBucket(3104): Check bucket failed, S3 response: [CRT] s3fs.cpp:s3fs_check_service(3787): unable to connect(host=https://s3.amazonaws.com) - result of checking service. [ERR] s3fs.cpp:s3fs_exit_fuseloop(3369): Exiting FUSE event loop due to errors ``` After the last log line, s3fs freezes for a few minutes and I'm unable to kill it manually. My Mac also becomes very slow. Not sure if relevant but I'm using a VPN. I can manually connect to the s3 bucket using those credentials in Cyberduck.

kerem closed this issue 2026-03-04 01:46:01 +03:00

kerem commented 2026-03-04 01:46:02 +03:00

Author

Owner

Copy link

@olalonde commented on GitHub (Oct 11, 2018):

It works fine with the -o url=http://s3.amazonaws.com option. I suspect it has something to do with the fact that my bucket name has periods in it?

<!-- gh-comment-id:428807808 --> @olalonde commented on GitHub (Oct 11, 2018): It works fine with the `-o url=http://s3.amazonaws.com` option. I suspect it has something to do with the fact that my bucket name has periods in it?

kerem commented 2026-03-04 01:46:02 +03:00

Author

Owner

Copy link

@olalonde commented on GitHub (Oct 11, 2018):

The following appears to work as well:

$ s3fs archive.mydomain.com ~/archive.mydomain.com -o passwd_file=$HOME/.passwd-s3fs -o url=https://s3-us-west-1.amazonaws.com -o use_path_request_style -o dbglevel=info -f -o curldbg

<!-- gh-comment-id:428813630 --> @olalonde commented on GitHub (Oct 11, 2018): The following appears to work as well: ``` $ s3fs archive.mydomain.com ~/archive.mydomain.com -o passwd_file=$HOME/.passwd-s3fs -o url=https://s3-us-west-1.amazonaws.com -o use_path_request_style -o dbglevel=info -f -o curldbg ```

kerem commented 2026-03-04 01:46:02 +03:00

Author

Owner

Copy link

@gaul commented on GitHub (Apr 9, 2019):

I believe the SSL check fails since the certificate wildcard domain matches *.mydomain.com and not ..mydomain.com.

<!-- gh-comment-id:481181173 --> @gaul commented on GitHub (Apr 9, 2019): I believe the SSL check fails since the certificate wildcard domain matches *.mydomain.com and not *.*.mydomain.com.

kerem commented 2026-03-04 01:46:02 +03:00

Author

Owner

Copy link

@ggtakec commented on GitHub (Apr 9, 2019):

If you can, please try to use use_path_request_style option.

<!-- gh-comment-id:481262119 --> @ggtakec commented on GitHub (Apr 9, 2019): If you can, please try to use use_path_request_style option.

kerem commented 2026-03-04 01:46:02 +03:00

Author

Owner

Copy link

@gaul commented on GitHub (Feb 3, 2020):

Closing since it appears you have a workaround. Please reopen if my understanding is incorrect.

<!-- gh-comment-id:581291984 --> @gaul commented on GitHub (Feb 3, 2020): Closing since it appears you have a workaround. Please reopen if my understanding is incorrect.

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

v1.97

v1.96

v1.95

v1.94

v1.93

v1.92

v1.91

v1.90

v1.89

v1.88

v1.87

v1.86

v1.85

v1.84

v1.83

v1.82

v1.81

v1.80

v1.79

v1.78

Pre-v1.78

v1.77

v1.76

v1.75

v1.74

Labels

Clear labels   

bug

  

bug

  

dataloss

  

duplicate

  

enhancement

  

feature request

  

help wanted

  

invalid

  

need info

  

performance

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

question

  

testing

No labels

bug

bug

dataloss

duplicate

enhancement

feature request

help wanted

invalid

need info

performance

pull-request

question

question

testing

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/s3fs-fuse#484

No description provided.