Share via

ADF Amazon S3 Linked Service - SSL failure

Tim Knight 45 Reputation points
2023-10-02T21:29:51.7433333+00:00

I am trying to create a Linked Service to an Amazon S3 bucket in Azure Data Factory but getting a Server Certificate error.

How can I disable Server Certificate Validation when using an Amazon S3 Linked Service?

Error:

The file operation is failed.
A WebException with status TrustFailure was thrown.
The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
The remote certificate is invalid according to the validation procedure.

I am unable to disable Server Certificate Validation using the Amazon S3 Linked Service.

I have tried setting a parameter in the properties, but it does't work.

{
    "type": "Microsoft.DataFactory/factories/linkedservices",
    "properties": {
        "typeProperties": {
            "enableServerCertificateValidation": "false"
        }
    }
}

I have read the documentation and cannot find a setting for disabling Server Certificates.

https://learn.microsoft.com/en-us/azure/data-factory/connector-amazon-s3-compatible-storage?tabs=data-factory#linked-service-properties

I can connect using a Linked Service for REST API and it succeeds because I can disable the certificates.

User's image

Azure Data Factory
Azure Data Factory
An Azure service for ingesting, preparing, and transforming data at scale.
11,625 questions
Accepted answer
  1. Bhargava-MSFT 31,261 Reputation points Microsoft Employee Moderator
    2023-10-03T18:37:33.3+00:00

    Hello Tim Knight,

    Welcome to the Microsoft Q&A forum.

    My understanding is that it is not possible to disable server certificate validation when using an Amazon S3 Linked Service.

    The Amazon S3 Linked Service does not support the property enableServerCertificateValidation. This property is only supported for the REST Linked Service.

    The error message you received indicates that the SSL/TLS secure channel could not be established because the remote certificate is invalid according to the validation procedure. This means that the client could not verify the SSL/TLS certificate presented by the server.

    The document below mentions, “The connector uses AWS Signature Version 4 to authenticate requests to S3.” So, you need to ensure that your server certificate is valid and matches your endpoint.

    https://learn.microsoft.com/en-us/azure/data-factory/connector-amazon-simple-storage-service?tabs=data-factory#supported-capabilities

    User's image

    To resolve the error, you will need to ensure that the SSL/TLS certificate presented by the server is valid and can be verified by the client. You may need to contact the server administrator or Amazon S3 for assistance with this.

    I hope this helps. Please let me know if you have any further questions.

    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.