New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
AssumeRoleWithCertificate doesn't work, if minio is running under Windows #18865
Labels
Comments
harshavardhana
changed the title
AssumeRoleWithCertificate doesn't work, if minio is running under Windows
[port/windows] AssumeRoleWithCertificate doesn't work, if minio is running under Windows
Mar 27, 2024
harshavardhana
changed the title
[port/windows] AssumeRoleWithCertificate doesn't work, if minio is running under Windows
port/windows: AssumeRoleWithCertificate doesn't work, if minio is running under Windows
Mar 27, 2024
harshavardhana
changed the title
port/windows: AssumeRoleWithCertificate doesn't work, if minio is running under Windows
AssumeRoleWithCertificate doesn't work, if minio is running under Windows
Mar 27, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
If Minio server is hosted in a Windows environment, then the AssumeRoleWithCertificate doesn't work.
Expected Behavior
A MTLS webrequest to the AssumeRoleWithCertificate sts endpoint with a valid client certificate that CN is equal to an existing policy name returns valid credentials. (Works in linux hosted environment as expected!)
Current Behavior
When the Minio server is hosted in a Windows environment, the request as described previously fails with following output:
The problem seems to be in relation to the underlying file system handling, because the
tls:
part cannot be used in file or directory names under Windows. At least the following characters are forbidden in Windows directory and file names:\ / : * ? " < > |
. (see also: Naming Conventions)This bug is related to #18853 (same root cause)!
Possible Solution
Sanitized file name handling per platform, maybe as described here: https://stackoverflow.com/questions/1976007/what-characters-are-forbidden-in-windows-and-linux-directory-names/61448658#61448658
Steps to Reproduce (for bugs)
https://localhost:9111?Action=AssumeRoleWithCertificate&Version=2011-06-15&DurationSeconds=3600
Context
We need to host minio server in a Windows environment without a linux based sub system and our applications need a possibility to get administration credentials dynamicly for maintenance.
Your Environment
minio --version
): RELEASE.2024-01-18T22-51-28Z (commit-id=19387cafab76133c2e7642de4aac8c81b9f4f8c7) Runtime: go1.21.6 windows/amd64The text was updated successfully, but these errors were encountered: