[druid-user] Druid S3 custom CA certificate


I’m using the S3 extension to connect to various endpoints and buckets. I saw that it is possible to use HTTPS by including it in the endpoint URL or setting the druid.s3.protocol setting.

Now I would like to supply a custom CA certificate to be used when verifying the endpoint TLS. Is that possible? The S3 extension itself doesn’t seem to support it.


This recent discussion might help:


Thanks for the suggestion. I have already seen this discussion. But does that work with S3 too? I thought the client/server TLS settings only apply to druid to druid communication.

Hi Felix,
Currently, I don’t know a way to add the custom CA certificate for S3 communication. A workaround could be to add the CA certificate to the java Keystore which is under /lib/security/carcerts.

1 Like

Thank you, works great!

1 Like