`aws s3 cp ... sse-c` works; but not rclone with SSE-C key to upload to Wasabi

What is the problem you are having with rclone?

Enabling SSE-C to upload to S3 provider Wasabi

Run the command 'rclone version' and share the full output of the command.

On Windows 11

C:\Windows\System32>rclone version
rclone v1.69.1
- os/version: Microsoft Windows 11 Pro for Workstations 24H2 24H2 (64 bit)
- os/kernel: 10.0.26100.3775 (x86_64)
- os/type: windows
- os/arch: amd64
- go/version: go1.24.0
- go/linking: static
- go/tags: cmount

Which cloud storage system are you using?

Wasabi (S3) https://wasabi.com/

The command you were trying to run (eg rclone copy /tmp remote:tmp)

I tried countless rclone.conf config combinations, getting help from ChatGPT o1, but it has me pulling my hair out.

rclone and rclone browser work when using:

[Wasabi bucket]
type = s3
provider = Wasabi
access_key_id = REDACTED
secret_access_key = REDACTED
region = us-east-2
endpoint = s3.us-east-2.wasabisys.com
acl = private
upload_cutoff = 2Gi
chunk_size = 512Mi

but as soon as I add my SSE-C values to the above config

server_side_encryption = C
sse_c = AES256
sse_c_key = REDACTED

I get:

A log from the command that you were trying to run with the -vv flag

C:\Windows\System32>rclone copy C:\Users\Nathaniel\Pictures\d16-CAM_VS.jpg "Wasabi US-Virginia:us-virginia" -vv
2025/04/10 08:15:39 DEBUG : rclone: Version "v1.69.1" starting with parameters ["rclone" "copy" "C:\Users\Nathaniel\Pictures\d16-CAM_VS.jpg" "Wasabi US-Virginia:us-virginia" "-vv"]
2025/04/10 08:15:39 DEBUG : Creating backend with remote "C:\Users\Nathaniel\Pictures\d16-CAM_VS.jpg"
2025/04/10 08:15:39 DEBUG : Using config file from "c:\rclone\rclone.conf"
2025/04/10 08:15:39 DEBUG : fs cache: renaming child cache item "C:\Users\Nathaniel\Pictures\d16-CAM_VS.jpg" to be canonical for parent "//?/C:/Users/Nathaniel/Pictures"
2025/04/10 08:15:39 DEBUG : Creating backend with remote "Wasabi US-Virginia:us-virginia"
2025/04/10 08:15:40 DEBUG : d16-CAM_VS.jpg: Need to transfer - File not found at Destination
2025/04/10 08:15:40 INFO : S3 bucket us-virginia: Bucket "us-virginia" created with ACL "private"
2025/04/10 08:15:40 ERROR : d16-CAM_VS.jpg: Failed to copy: operation error S3: PutObject, https response error StatusCode: 400, RequestID: 91FEA529CF1C1636:A, HostID: tSBLtCv+I+Gb2Bkhz/LN6JMTgC1/eKtRk+eRndJuMry8bI8XKaTxZs/Y19bvD8Iyf72d50jczX5P, api error InvalidArgument: The encryption method specified is not supported
2025/04/10 08:15:40 ERROR : Attempt 1/3 failed with 1 errors and: operation error S3: PutObject, https response error StatusCode: 400, RequestID: 91FEA529CF1C1636:A, HostID: tSBLtCv+I+Gb2Bkhz/LN6JMTgC1/eKtRk+eRndJuMry8bI8XKaTxZs/Y19bvD8Iyf72d50jczX5P, api error InvalidArgument: The encryption method specified is not supported
2025/04/10 08:15:40 DEBUG : d16-CAM_VS.jpg: Need to transfer - File not found at Destination
2025/04/10 08:15:40 ERROR : d16-CAM_VS.jpg: Failed to copy: operation error S3: PutObject, https response error StatusCode: 400, RequestID: A0FD0A299C019C9E:A, HostID: ERmeTy1hgUDXh0wiJBto2SoQFn5vmsvXr7LEoJ+XA4oRsSuD6bsO+UEqwZ9vWeWdlf/XKZtvgAT3, api error InvalidArgument: The encryption method specified is not supported
2025/04/10 08:15:40 ERROR : Attempt 2/3 failed with 1 errors and: operation error S3: PutObject, https response error StatusCode: 400, RequestID: A0FD0A299C019C9E:A, HostID: ERmeTy1hgUDXh0wiJBto2SoQFn5vmsvXr7LEoJ+XA4oRsSuD6bsO+UEqwZ9vWeWdlf/XKZtvgAT3, api error InvalidArgument: The encryption method specified is not supported
2025/04/10 08:15:41 DEBUG : d16-CAM_VS.jpg: Need to transfer - File not found at Destination
2025/04/10 08:15:41 ERROR : d16-CAM_VS.jpg: Failed to copy: operation error S3: PutObject, https response error StatusCode: 400, RequestID: E9CAB5902BB654B8:A, HostID: f3PaWNtmtk/dtwAD+7eN8kLTHe4pkZmO3cv+sDL/IBpOZrFxdUfGK8awmuFQvNdtT6pqIlpjZ23G, api error InvalidArgument: The encryption method specified is not supported
2025/04/10 08:15:41 ERROR : Attempt 3/3 failed with 1 errors and: operation error S3: PutObject, https response error StatusCode: 400, RequestID: E9CAB5902BB654B8:A, HostID: f3PaWNtmtk/dtwAD+7eN8kLTHe4pkZmO3cv+sDL/IBpOZrFxdUfGK8awmuFQvNdtT6pqIlpjZ23G, api error InvalidArgument: The encryption method specified is not supported
2025/04/10 08:15:41 INFO :
Transferred: 384 KiB / 384 KiB, 100%, 256 KiB/s, ETA 0s
Errors: 1 (retrying may help)
Elapsed time: 1.2s

2025/04/10 08:15:41 DEBUG : 2 go routines active
2025/04/10 08:15:41 NOTICE: Failed to copy: operation error S3: PutObject, https response error StatusCode: 400, RequestID: E9CAB5902BB654B8:A, HostID: f3PaWNtmtk/dtwAD+7eN8kLTHe4pkZmO3cv+sDL/IBpOZrFxdUfGK8awmuFQvNdtT6pqIlpjZ23G, api error InvalidArgument: The encryption method specified is not supported

However, this works, as explained here. In git bash I do:

export AWS_SHARED_CREDENTIALS_FILE=/c/rclone/wasabi_aws_credentials.txt
aws s3 cp /c/Users/Nathaniel/Pictures/Earth_Day_1989_7.jpg s3://us-virginia/Earth_Day_1989_7.jpg \
  --sse-c AES256 \
  --sse-c-key fileb://C:/rclone/us-virginia.key \
  --endpoint-url https://s3.us-east-2.wasabisys.com

So I would think it is not a Wasabi issue, but an rclone issue.

Among other things I tried:

sse_c_key = Eogd1Hn7KpGzSDCfl4ETCx8UaNwYpBcAu7Vzl0U/sqk=

sse_c_key = us-virginia.key

sse_c_key = file:///C:/rclone/us-virginia.key

also, making different keys:

openssl rand 32 > /c/rclone/us-virginia.key

openssl rand -base64 32 > /c/rclone/us-virginia.txt

Please run 'rclone config redacted' and share the full output. If you get command not found, please make sure to update rclone.

[Wasabi CA-Toronto]
type = s3
provider = Wasabi
access_key_id = XXX
secret_access_key = XXX
region = ca-central-1
endpoint = s3.ca-central-1.wasabisys.com
acl = private
upload_cutoff = 2Gi
chunk_size = 512Mi
server_side_encryption = C
sse_c = AES256
sse_c_key = XXX

Thank you for helping!

Not sure where you've got these keys from. For sure not from rclone S3 documentation :) Rclone does not have enough intelligence (yet) to understand random keys.

Assuming that you want to use SSE-C, try:

sse_customer_algorithm = AES256
sse_customer_key_base64 = <YOUR_KEY>
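
An added example, not part of the original thread and not rclone's own code: it converts the raw 32-byte key file that `aws --sse-c-key fileb://...` reads into the two options suggested above, and lints a remote for SSE settings that are not rclone S3 backend options. The function names are hypothetical, and the sample config is constructed from the failing settings in the question with a placeholder key.

```python
import base64
import configparser
import hashlib

# SSE option names defined by rclone's S3 backend.
KNOWN_SSE = {"server_side_encryption", "sse_kms_key_id", "sse_customer_algorithm",
             "sse_customer_key", "sse_customer_key_base64", "sse_customer_key_md5"}

# Constructed sample: the failing settings from the post, key replaced by a placeholder.
FAILING_CONF = """\
[Wasabi bucket]
type = s3
provider = Wasabi
server_side_encryption = C
sse_c = AES256
sse_c_key = PLACEHOLDER
"""

def rclone_sse_c_options(raw_key: bytes) -> dict:
    """Map a raw 32-byte key (the file `aws --sse-c-key fileb://` reads) to rclone options."""
    if len(raw_key) != 32:
        raise ValueError(f"SSE-C AES256 needs 32 key bytes, got {len(raw_key)}")
    return {"sse_customer_algorithm": "AES256",
            "sse_customer_key_base64": base64.b64encode(raw_key).decode("ascii")}

def key_md5_header(raw_key: bytes) -> str:
    """x-amz-server-side-encryption-customer-key-MD5 value sent alongside the key."""
    return base64.b64encode(hashlib.md5(raw_key).digest()).decode("ascii")

def lint_remote(config_text: str, remote: str) -> list:
    """List SSE settings in one remote that cannot yield a valid SSE-C request."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(config_text)
    section, problems = cp[remote], []
    for name in section:
        if name.startswith("sse_") and name not in KNOWN_SSE:
            problems.append(f"{name}: not an rclone S3 option")
    sse = section.get("server_side_encryption", "")
    if sse not in ("", "AES256", "aws:kms"):
        problems.append(f"server_side_encryption = {sse}: not a documented value")
    b64 = section.get("sse_customer_key_base64")
    if b64 is not None:
        try:
            ok = len(base64.b64decode(b64, validate=True)) == 32
        except ValueError:
            ok = False
        if not ok:
            problems.append("sse_customer_key_base64: does not decode to 32 bytes")
    return problems
```

The output of `openssl rand -base64 32` is already the base64 form of a 32-byte key, so it can go into `sse_customer_key_base64` as is, without the trailing newline.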

I asked ChatGPT where it got these keys from:

I pulled that from the rclone S3 backend documentation on SSE‑C, which shows the Wasabi‑compatible parameters. In particular, see the “Server Side Encryption with Customer Keys (SSE‑C)” section on the rclone site:

Under that heading it documents:

# Server Side Encryption with Customer Keys (SSE-C)
server_side_encryption = C
sse_customer_algorithm = AES256
sse_customer_key_base64 = <YOUR_BASE64_KEY>

Always want to be mindful using ChatGPT as that links to something nonexistent.

Amazon S3

You'd want to double check your work as ChatGPT isn't always 'current' or 'right'.
