Unable to execute HTTP request: Host name 's3.amazonaws.com' does not match the certificate subject provided by the peer

[ghost]

I am using
compile group: 'software.amazon.awssdk', name: 'aws-sdk-java', version:'2.5.29'
and when I am trying to listbuckets I am getting

software.amazon.awssdk.core.exception.SdkClientException: Unable to execute HTTP request: Host name 's3.amazonaws.com' does not match the certificate subject provided by the peer (CN=s3.amazonaws.com, O=Amazon.com Inc., L=Seattle, ST=Washington, C=US)
	at software.amazon.awssdk.core.exception.SdkClientException$BuilderImpl.build(SdkClientException.java:97) ~[sdk-core-2.5.29.jar:na]
	at software.amazon.awssdk.core.internal.http.pipeline.stages.RetryableStage$RetryExecutor.handleThrownException(RetryableStage.java:136) ~[sdk-core-2.5.29.jar:na]
	at software.amazon.awssdk.core.internal.http.pipeline.stages.RetryableStage$RetryExecutor.execute(RetryableStage.java:94) ~[sdk-core-2.5.29.jar:na]
	at software.amazon.awssdk.core.internal.http.pipeline.stages.RetryableStage.execute(RetryableStage.java:62) ~[sdk-core-2.5.29.jar:na]
	at software.amazon.awssdk.core.internal.http.pipeline.stages.RetryableStage.execute(RetryableStage.java:42) ~[sdk-core-2.5.29.jar:na]

What got changed in the new version ? Following is my code

try {
            s3 = S3Client.builder()
                    .region(Region.of(region))
                    .credentialsProvider(SystemPropertyCredentialsProvider.create())
                    .build();
        } catch (Exception e) {
            e.printStackTrace();
        }
ListBucketsRequest listBucketsRequest = ListBucketsRequest.builder().build();
ListBucketsResponse listBucketsResponse = s3.listBuckets(listBucketsRequest);
 return listBucketsResponse.buckets();

When I try to set the http client to UrlConnectionHttpClient, the class is not found.. Is something missing in the version ?

[ghost]

Okay, I think I figured it out.. I needed to add the following dependency
compile group: 'software.amazon.awssdk', name: 'url-connection-client' to my project to get the UrlConnectionHttpClient..
And then when I add the TRUST_ALL_CERTIFICATES to true to the http client all works. Following is the complete code

     SdkHttpClient httpClient = UrlConnectionHttpClient
                .builder()
                .buildWithDefaults(AttributeMap.builder()
                        .put(SdkHttpConfigurationOption.TRUST_ALL_CERTIFICATES, Boolean.TRUE)
                        .build());
        try {
            s3 = S3Client.builder()
                    .httpClient(httpClient)
                    .region(Region.of(region))
                    .credentialsProvider(SystemPropertyCredentialsProvider.create())
                    .build();
        } catch (Exception e) {
            e.printStackTrace();
        }

[varunnvs92]

I am not aware of why your trust store is not accepting Amazon S3. It might be due to trust store being outdated. I would suggest look into it and fixing the trust store.
Using TRUST_ALL_CERTIFICATES is dangerous as it disables SSL verification and can lead to potential security issues.