bucket replicate rule create failed #5239
Description
Expected behavior
I have two MinIO servers running in different environments. Due to the inconsistency of the root CA during deployment, I encountered a failure when attempting to create bucket replication.
Actual behavior
bucket replication create failed.
run mc replicate add local/bucke01 --debug --remote-bucket 'https://myaccesskey:[email protected]:31971/bucke01' --replicate "delete,delete-marker,existing-objects" --insecure
mc: <DEBUG> PUT /minio/admin/v3/set-remote-target?bucket=bucke01 HTTP/1.1
Host: minio-1.minio-headless.kube-system.svc.cluster.local:8989
User-Agent: MinIO (linux; amd64) madmin-go/3.0.70 mc/DEVELOPMENT.GOGET
Content-Length: 616
Accept-Encoding: zstd,gzip
Authorization: AWS4-HMAC-SHA256 Credential=ja3JMNGoagR3i7sKb1/20250805//s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: 380b8cf23b518ce504adb758d2d624eea30252e7d3b27644bb42ab67d0fd372a
X-Amz-Date: 20250805T023606Z
mc: <DEBUG> HTTP/1.1 503 Service Unavailable
Content-Length: 574
Accept-Ranges: bytes
Content-Type: application/json
Date: Tue, 05 Aug 2025 02:36:07 GMT
Server: MinIO
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
Vary: Accept-Encoding
X-Amz-Id-2: 02f9a5183dd09663d0a2c2852f458cbb198ea50f6e231f7375858cff93b0dbaa
X-Amz-Request-Id: 1858BE5E470260FC
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"Code":"XMinioAdminReplicationRemoteConnectionError","Message":"Remote service connection error (Remote service endpoint offline, target bucket: bucke01 or remote service credentials: Dmmz0T7fk9Q1WZVmFc invalid \n\tGet \"https://33.86.10.85:31971/bucke01/?location=\": tls: failed to verify certificate: x509: cannot validate certificate for 33.86.10.85 because it doesn't contain any IP SANs)","BucketName":"bucke01","Resource":"/minio/admin/v3/set-remote-target","RequestId":"1858BE5E470260FC","HostId":"02f9a5183dd09663d0a2c2852f458cbb198ea50f6e231f7375858cff93b0dbaa"}
mc: <DEBUG> TLS Certificate found:
mc: <DEBUG> >> Country: US
mc: <DEBUG> >> Organization: Minio
mc: <DEBUG> >> Expires: 2075-07-20 07:15:26 +0000 UTC
mc: <DEBUG> TLS Certificate found:
mc: <DEBUG> >> Country: US
mc: <DEBUG> >> Organization: Minio
mc: <DEBUG> >> Expires: 2099-12-31 00:00:00 +0000 UTC
mc: <DEBUG> TLS Certificate found:
mc: <DEBUG> >> Country: US
mc: <DEBUG> >> Organization: Minio
mc: <DEBUG> >> Expires: 2099-12-31 00:00:00 +0000 UTC
mc: <DEBUG> Response Time: 101.395008ms
Steps to reproduce the behavior
Creating bucket replication rules for Minio servers with two different root certificates.
mc --version
the last
System information
linux amd64
suggest
add a disable ssl flag when create bucket replication.