-
- Novice
- Posts: 4
- Liked: 1 time
- Joined: Oct 10, 2017 11:29 am
- Contact:
HGST s3 object storage and UPDATE4
Hello,
we are trying to connect our hgst active archive ( rel easiscale 4.2.1 ) object storage to veeam in order to use it as a capacity tier for our backup.
given that the storage is working and network has no issues ( i'm able to mount buckets with some s3 clients from the vm i'm using as gateway server for this new repository ) i've tried to create an object storage repository from veeam console.
sadly i't fails few seconds after giving me a notice on storage ssl certificate
Amazon REST error: 'We encountered an internal error. Please try again.. Code: InternalError', error code: 500. Other: Resource: ''
This hardware supports only v2 api signing, do veeam support this old version too?
we are trying to connect our hgst active archive ( rel easiscale 4.2.1 ) object storage to veeam in order to use it as a capacity tier for our backup.
given that the storage is working and network has no issues ( i'm able to mount buckets with some s3 clients from the vm i'm using as gateway server for this new repository ) i've tried to create an object storage repository from veeam console.
sadly i't fails few seconds after giving me a notice on storage ssl certificate
Amazon REST error: 'We encountered an internal error. Please try again.. Code: InternalError', error code: 500. Other: Resource: ''
This hardware supports only v2 api signing, do veeam support this old version too?
-
- Product Manager
- Posts: 20415
- Liked: 2302 times
- Joined: Oct 26, 2012 3:28 pm
- Full Name: Vladimir Eremin
- Contact:
Re: HGST s3 object storage and UPDATE4
We use api version 4, so that must be the reason. Version 2 is a bit old and does not seem to be recommended any longer. Thanks!
-
- Lurker
- Posts: 1
- Liked: never
- Joined: Jan 29, 2019 8:41 am
Re: HGST s3 object storage and UPDATE4
This locks out plenty of people using on-premise S3 storage systems using v2 signature version only. How is it possible to formally add a feature request about this?
Also: what is the "region" parameter for the S3 compatible storage used for? In non-AWS storages shouldn't that option be useless? Thank you very much for your assistance.
Also: what is the "region" parameter for the S3 compatible storage used for? In non-AWS storages shouldn't that option be useless? Thank you very much for your assistance.
-
- Novice
- Posts: 4
- Liked: 1 time
- Joined: Oct 10, 2017 11:29 am
- Contact:
Re: HGST s3 object storage and UPDATE4
Indeed a feature request would be needed in my case: we have 1PB object archive and i can't use it because of this api signing protocol.
which is the best way to submit this kind of request?
which is the best way to submit this kind of request?
-
- Product Manager
- Posts: 20415
- Liked: 2302 times
- Joined: Oct 26, 2012 3:28 pm
- Full Name: Vladimir Eremin
- Contact:
Re: HGST s3 object storage and UPDATE4
The forum is the best place to submit this type of request. However, while selecting the signature version we followed industry best practices, which recommend avoiding v2 protocol due to critical security vulnerabilities - so currently, there are no plans to implement v2 authentication support in our product. Can you check if you object storage vendor has a firmware update perhaps? I mean, some vulnerabilities of v2 were known back in 2009.How is it possible to formally add a feature request about this?
While most of S3-compatible object storage have region hard coded to the default value, some use custom region value. So, we had to provide customers with the ability to specify a custom region string to achieve wider compatibility with all S3-compatible object storage devices out there.Also: what is the "region" parameter for the S3 compatible storage used for?
Thanks!
-
- Novice
- Posts: 4
- Liked: 1 time
- Joined: Oct 10, 2017 11:29 am
- Contact:
Re: HGST s3 object storage and UPDATE4
I agree with you, unfortunately hgst has no plan to produce such firmware upgrade and their salesmen tried to make us buy a new device that is v4 compliant instead.Can you check if you object storage vendor has a firmware update perhaps? I mean, some vulnerabilities of v2 were known back in 2009.
Maybe we should just retarget this unit to different uses and buy another one ( but not from this vendor ) as backup storage.
so currently there are plans to implement v2 authentication support in our product.
i guess u meant "there are no plans to implement v2 auth", am i right?
-
- Product Manager
- Posts: 20415
- Liked: 2302 times
- Joined: Oct 26, 2012 3:28 pm
- Full Name: Vladimir Eremin
- Contact:
Re: HGST s3 object storage and UPDATE4
Sorry, my bad. It should have been "no plans to implement v2 authentication support". Thanks!i guess u meant "there are no plans to implement v2 auth", am i right?
Who is online
Users browsing this forum: No registered users and 9 guests