Hello! I am trying to create an S3 BLOB store for an S3-compatible bucket.
I am getting the following error:
An error occurred saving data. ValidationErrorXO{id=‘*’, message=‘The provided ‘x-amz-content-sha256’ header does not match what was computed. (Service: S3, Status Code: 400, Request ID: 0000019BE22293B594EA2EA8B6F7A728, Extended Request ID: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA) (SDK Attempt Count: 1)’}
I tried setting the following parameters:
nexus.blobstore.s3.chunkedEncodingDisabled=true nexus.blobstore.s3.payloadSigningEnabled=false
It didn’t help. What other parameters can I add?
I can successfully connect to the bucket using rclone:
SigV4 (AWS4-HMAC-SHA256) is used, and the signature passed validation (no authentication errors)
When we create temporary blobs (i.e. something not attached to an asset in Nexus) we include custom metadata, some “s3 compatible” systems do not correctly compute the signature for these requests.
What configuration changes can I make on the Nexus Repository side?
Which property or setting should I apply (e.g. in nexus.properties)?
Does Nexus offer any compatibility mode, relaxed signature verification, simplified request signing behavior, or other options to make it more tolerant to S3-compatible storage quirks (particularly regarding x-amz-content-sha256 handling)?
I’ve created a support ticket with my cloud provider’s technical support.
They ran tests with AWS SDK for Java version 2.33.5.
During the tests, they found out that their S3 implementation does not support the header value x-amz-content-sha256: STREAMING-AWS4-HMAC-SHA256-PAYLOAD-TRAILER.
To fix this behavior, you need to add chunkedEncodingEnabled(false) to the S3 client configuration (in Nexus), after which the x-amz-content-sha256 header will no longer be set to STREAMING-AWS4-HMAC-SHA256-PAYLOAD-TRAILER and will instead contain a valid hash value.
I already tried setting this property in nexus.properties: nexus.blobstore.s3.chunkedEncodingDisabled=true
…but it didn’t help
I also tried the following properties (none of them worked either): nexus.blobstore.s3.payloadSigningEnabled=false nexus.blobstore.s3.requestChecksumCalculation=WHEN_REQUIRED nexus.blobstore.s3.signerOverride=AWSS3V4SignerType nexus.blobstore.s3.ownership.check.disabled=true nexus.blobstore.s3.checksumAlgorithm=NONE
Could someone please tell me which exact property I need to set? How can I properly configure the S3 client in Nexus Repository to disable chunked encoding?
Unfortunately Nexus Repository does not currently support configuring the chunkedEncodingEnabled setting for the S3 client for this type of blob stores. if you’re a PRO customer you may want to reach our support team.
