I currently have the problem on a VBR server that it is not possible to create an S3 bucket.
When selecting the folder, the error message “The bucket could not be found” always appears.
For your information, the functionality of the bucket is definitely given.
The bucket can be integrated on other VBR servers without any problems, but the firewall and antivirus software is also enabled / disabled before the affected VBR server where the error message appears.
Unfortunately there is no solution in the support case yet...
Have any of you ever had this error and can possibly contribute a solution here?
Hi Fabian, welcome to the forums, and sorry to hear about the challenges.
Thank you for sharing your case number, and please continue with Support on this issue; I understand a bit of research and work into anti-virus and firewall has been done and yielded no positive results, so Support will continue their investigation.
In the table here, it points to an application SSL issue -- any chance you're seeing SChannel events in the System/Application log from the Veeam server itself? Is TLS 1.2 perhaps disabled and the S3 provider doesn't yet support TLS 1.3?
David Domask | Product Management: Principal Analyst
@Steve:
We use an “on-premise” NetApp Strorage Grid as object storage.
@David
The issue is a bit strange, my understanding is that TLS 1.2 should actually be enabled, but I am following up with support and have sent them some more information such as a network recording etc.
I would like to report back on the case and its solution, I have already shared the findings with the support team.
Through another troubleshooting session, we were able to find the error ourselves.
About the error description:
Basically, this was apparently caused by a former domain membership or the GPOs associated with it.
The following registry key was provided with the GPOs:
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Cryptography\Configuration\SSL\00010002]
“Functions“=”TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P521,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P521, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P521,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P521,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P521,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P521,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384_P521,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384_P384,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P521, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P384,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P521,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P384, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P521,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P384,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P256, TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA”
By removing this registry key and then restarting the system, the error message disappeared and the connection establishment via the VBR server as S3 gateway works perfectly.
Glad to hear that you were able to find the root cause, and thank you very much for sharing it. So it was an SSL issue, but not about TLS version just about ciphers.
Appreciate you sharing the resolution!
David Domask | Product Management: Principal Analyst