You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If Minio server is hosted in a Windows environment, then the AssumeRoleWithCertificate doesn't work.
Expected Behavior
A MTLS webrequest to the AssumeRoleWithCertificate sts endpoint with a valid client certificate that CN is equal to an existing policy name returns valid credentials. (Works in linux hosted environment as expected!)
Current Behavior
When the Minio server is hosted in a Windows environment, the request as described previously fails with following output:
The problem seems to be in relation to the underlying file system handling, because the tls: part cannot be used in file or directory names under Windows. At least the following characters are forbidden in Windows directory and file names: \ / : * ? " < > |. (see also: Naming Conventions)
Make a web request with a valid client certificate as described in https://github.com/minio/minio/blob/master/docs/sts/tls.md to the AssumeRoleWithCertificate endpoint e.g.: https://localhost:9111?Action=AssumeRoleWithCertificate&Version=2011-06-15&DurationSeconds=3600
Context
We need to host minio server in a Windows environment without a linux based sub system and our applications need a possibility to get administration credentials dynamicly for maintenance.
Your Environment
Version used (minio --version): RELEASE.2024-01-18T22-51-28Z (commit-id=19387cafab76133c2e7642de4aac8c81b9f4f8c7) Runtime: go1.21.6 windows/amd64
Operating System and version: Windows Server 2019/2022
The text was updated successfully, but these errors were encountered:
harshavardhana
changed the title
AssumeRoleWithCertificate doesn't work, if minio is running under Windows
[port/windows] AssumeRoleWithCertificate doesn't work, if minio is running under Windows
Mar 27, 2024
harshavardhana
changed the title
[port/windows] AssumeRoleWithCertificate doesn't work, if minio is running under Windows
port/windows: AssumeRoleWithCertificate doesn't work, if minio is running under Windows
Mar 27, 2024
harshavardhana
changed the title
port/windows: AssumeRoleWithCertificate doesn't work, if minio is running under Windows
AssumeRoleWithCertificate doesn't work, if minio is running under Windows
Mar 27, 2024
If Minio server is hosted in a Windows environment, then the AssumeRoleWithCertificate doesn't work.
Expected Behavior
A MTLS webrequest to the AssumeRoleWithCertificate sts endpoint with a valid client certificate that CN is equal to an existing policy name returns valid credentials. (Works in linux hosted environment as expected!)
Current Behavior
When the Minio server is hosted in a Windows environment, the request as described previously fails with following output:
The problem seems to be in relation to the underlying file system handling, because the
tls:
part cannot be used in file or directory names under Windows. At least the following characters are forbidden in Windows directory and file names:\ / : * ? " < > |
. (see also: Naming Conventions)This bug is related to #18853 (same root cause)!
Possible Solution
Sanitized file name handling per platform, maybe as described here: https://stackoverflow.com/questions/1976007/what-characters-are-forbidden-in-windows-and-linux-directory-names/61448658#61448658
Steps to Reproduce (for bugs)
https://localhost:9111?Action=AssumeRoleWithCertificate&Version=2011-06-15&DurationSeconds=3600
Context
We need to host minio server in a Windows environment without a linux based sub system and our applications need a possibility to get administration credentials dynamicly for maintenance.
Your Environment
minio --version
): RELEASE.2024-01-18T22-51-28Z (commit-id=19387cafab76133c2e7642de4aac8c81b9f4f8c7) Runtime: go1.21.6 windows/amd64The text was updated successfully, but these errors were encountered: