Getting "certificate invalid" error when only changing bucket name, all else unchanged

Posted on January 17, 2022

We used Spaces in a project, took no time at all and just works. Trying to use again in a second project, and now keep getting this error:

“The remote certificate is invalid according to the validation procedure: RemoteCertificateNameMismatch”

We get this error when trying to use a new Spaces instance, but also when we use the previous one with a different bucket name. Confirmed that using the original Spaces instance/bucket name works fine.

Really doesn’t feel like anything we can fix, since a different bucket is really using the same URL, thus same certificate…



Hey!

The error “The remote certificate is invalid according to the validation procedure: RemoteCertificateNameMismatch” usually occurs when there’s a mismatch between the hostname in the SSL certificate and the hostname you’re trying to connect to. When using DigitalOcean Spaces with a custom bucket name, this can happen if the connection URL isn’t formatted correctly to align with how the SSL certificate is issued.

Here’s how to address the issue:

  1. Make sure you’re using the correct endpoint format for accessing your Space. The general format should be https://{bucket}.{region}.digitaloceanspaces.com. If you don’t use the correct format, the SSL certificate, which is issued for *.region.digitaloceanspaces.com, won’t match your custom hostname. If you have a dot in the bucket name this will break the wildcard SSL certificate as it only covers one step above the {region}.digitaloceanspaces.com domain.

  2. Disabling SSL validation, as you found in the workaround, is not recommended because it undermines the security of your connection. Instead, ensure you’re using the endpoint in a way that is compatible with the SSL certificate.

  3. This error indicates that the bucket you’re trying to access does not exist or is not accessible with the credentials you’re using. Double-check that:

    • The bucket name is spelled correctly in your request.
    • The bucket exists in the same region you’re targeting with your endpoint.
    • The credentials (access key and secret key) have permission to access the bucket.

  4. If you’re dynamically creating buckets and then immediately accessing them, ensure there isn’t a timing issue where the bucket isn’t fully ready when you try to access it.

When you create a new Space or bucket, there might be a brief period during which the DNS records are propagating. While this typically isn’t a problem for bucket access via the provided endpoints, if you’re accessing the Space immediately after creation, it could potentially lead to issues.

Best,

bobby
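The wildcard rule from point 1 of the answer above can be checked before a client ever connects. The following is an added example, not part of the original answer or DigitalOcean's code; the function names, the bucket names and the region value `nyc3` are constructed for illustration.

```python
def wildcard_matches(pattern: str, hostname: str) -> bool:
    """Leftmost-label wildcard match: '*' stands for exactly one DNS label."""
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = hostname.lower().rstrip(".").split(".")
    # A wildcard never spans a dot, so the label counts must be equal.
    if len(p_labels) != len(h_labels):
        return False
    if p_labels[0] == "*":
        # The wildcard label must be non-empty; the remaining labels must match exactly.
        return bool(h_labels[0]) and p_labels[1:] == h_labels[1:]
    return p_labels == h_labels


def spaces_host(bucket: str, region: str) -> str:
    """Build the {bucket}.{region}.digitaloceanspaces.com hostname from the answer."""
    return f"{bucket}.{region}.digitaloceanspaces.com"


def check_bucket(bucket: str, region: str):
    """Return (hostname, covered) where covered says whether the
    *.{region}.digitaloceanspaces.com certificate name matches the hostname."""
    host = spaces_host(bucket, region)
    pattern = f"*.{region}.digitaloceanspaces.com"
    return host, wildcard_matches(pattern, host)


if __name__ == "__main__":
    # Constructed sample bucket names; "nyc3" is used as a sample region.
    for bucket in ("project-one", "project.two", "a.b.c"):
        host, covered = check_bucket(bucket, "nyc3")
        verdict = "covered by wildcard" if covered else "NAME MISMATCH expected"
        print(f"{host:50s} {verdict}")
```

A bucket name containing a dot adds an extra label to the hostname, so the check reports a mismatch for it while the same endpoint with a dot-free bucket name passes.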
