https://community.qlik.com/t5/Stitch/Stitch-Data-Loading-Fails-When-Using-SSH-Tunnel-to-Amazon/m-p/2507205#M85 <P>We are experiencing an issue when loading data into <STRONG>Amazon Redshift</STRONG> as the <STRONG>destination in Stitch</STRONG>, specifically when using an <STRONG>SSH tunnel</STRONG> for connection security.</P> <P><STRONG>Issue Details:</STRONG></P> <UL> <LI><STRONG>The only change</STRONG> we made is switching the <STRONG>destination connection from a publicly accessible Redshift instance</STRONG> to an instance accessed via <STRONG>SSH tunnel</STRONG>.</LI> <LI><STRONG>Without the SSH tunnel</STRONG>: <UL> <LI>Test connection: <span class="lia-unicode-emoji" title=":white_heavy_check_mark:">✅</span> Successful</LI> <LI>Data loading: <span class="lia-unicode-emoji" title=":white_heavy_check_mark:">✅</span> Successful</LI> <LI><STRONG>However, this is a security risk</STRONG> as we need the database to not be publicly accessible.</LI> </UL> </LI> <LI><STRONG>With the SSH tunnel</STRONG>: <UL> <LI>Test connection: <span class="lia-unicode-emoji" title=":white_heavy_check_mark:">✅</span> Successful</LI> <LI>Data loading: <span class="lia-unicode-emoji" title=":cross_mark:">❌</span> <STRONG>Fails with an S3CurlException error</STRONG></LI> <LI>The error message indicates a timeout when attempting to load data into S3 before writing to Redshift.</LI> </UL> </LI> </UL> <P><STRONG>Error Message:</STRONG><CODE></CODE></P> <PRE class="st-v2-text-editor__pre-wrap st-v2-margin-bottom--0">ERROR: Problem reading manifest file - S3CurlException: Failed to connect to s3.eu-central-1.amazonaws.com port 443 after 50001 ms: Timeout was reached, CurlError 28, multiCurlError 0, CanRetry 1, UserError 0 Detail: ----------------------------------------------- error: Problem reading manifest file - S3CurlException: Failed to connect to s3.eu-central-1.amazonaws.com port 443 after 50001 ms: Timeout was reached, CurlError 28, multiCurlError 0, CanRetry 1, UserError 0 code: 9001 context: s3://com-stitchdata-prod-loaders-staging-eu-central-1/ip-10-5-172-173-28081-8ae1151e-6107-4c74-abee-56aa3d18f04f/clients/208203/manifest_8776950644449573834.json query: 35136095 location: s3_utility.cpp:387 process: padbmaster [pid=1073922562] -----------------------------------------------<CODE></CODE></PRE> <P><STRONG>Additional Context:</STRONG></P> <UL> <LI>The connection to <STRONG>S3 appears to be failing only when the SSH tunnel is enabled</STRONG>, even though the test connection succeeds.</LI> <LI>The issue does <STRONG>not</STRONG> occur when Redshift is publicly accessible.</LI> <LI>We need to resolve this urgently, as keeping the database publicly accessible is <STRONG>not an acceptable security posture</STRONG>.</LI> </UL> <H3><STRONG>Questions for Support:</STRONG></H3> <OL> <LI><STRONG>Why does data loading to Redshift fail when using an SSH tunnel while the test connection still succeeds?</STRONG></LI> <LI><STRONG>Are there additional configurations required for Stitch to properly load data when using an SSH tunnel?</STRONG></LI> <LI><STRONG>Could there be a network routing issue with the SSH tunnel preventing access to AWS S3?</STRONG></LI> <LI><STRONG>Are there specific firewall rules, allowlists, or additional settings required for SSH tunnel-based connections to work with Stitch?</STRONG></LI> </OL> <H3><STRONG>Request for Resolution:</STRONG></H3> <P>We need guidance on how to configure Stitch properly to <STRONG>support SSH tunnel connections while ensuring data loading works as expected</STRONG>.</P> <P><STRONG>Appreciate any assistance from the Qlik support team!</STRONG></P> Tue, 25 Feb 2025 08:18:12 GMT jhteam 2025-02-25T08:18:12Z https://community.qlik.com/t5/Stitch/Stitch-Data-Loading-Fails-When-Using-SSH-Tunnel-to-Amazon/m-p/2507205#M85 <P>We are experiencing an issue when loading data into <STRONG>Amazon Redshift</STRONG> as the <STRONG>destination in Stitch</STRONG>, specifically when using an <STRONG>SSH tunnel</STRONG> for connection security.</P> <P><STRONG>Issue Details:</STRONG></P> <UL> <LI><STRONG>The only change</STRONG> we made is switching the <STRONG>destination connection from a publicly accessible Redshift instance</STRONG> to an instance accessed via <STRONG>SSH tunnel</STRONG>.</LI> <LI><STRONG>Without the SSH tunnel</STRONG>: <UL> <LI>Test connection: <span class="lia-unicode-emoji" title=":white_heavy_check_mark:">✅</span> Successful</LI> <LI>Data loading: <span class="lia-unicode-emoji" title=":white_heavy_check_mark:">✅</span> Successful</LI> <LI><STRONG>However, this is a security risk</STRONG> as we need the database to not be publicly accessible.</LI> </UL> </LI> <LI><STRONG>With the SSH tunnel</STRONG>: <UL> <LI>Test connection: <span class="lia-unicode-emoji" title=":white_heavy_check_mark:">✅</span> Successful</LI> <LI>Data loading: <span class="lia-unicode-emoji" title=":cross_mark:">❌</span> <STRONG>Fails with an S3CurlException error</STRONG></LI> <LI>The error message indicates a timeout when attempting to load data into S3 before writing to Redshift.</LI> </UL> </LI> </UL> <P><STRONG>Error Message:</STRONG><CODE></CODE></P> <PRE class="st-v2-text-editor__pre-wrap st-v2-margin-bottom--0">ERROR: Problem reading manifest file - S3CurlException: Failed to connect to s3.eu-central-1.amazonaws.com port 443 after 50001 ms: Timeout was reached, CurlError 28, multiCurlError 0, CanRetry 1, UserError 0 Detail: ----------------------------------------------- error: Problem reading manifest file - S3CurlException: Failed to connect to s3.eu-central-1.amazonaws.com port 443 after 50001 ms: Timeout was reached, CurlError 28, multiCurlError 0, CanRetry 1, UserError 0 code: 9001 context: s3://com-stitchdata-prod-loaders-staging-eu-central-1/ip-10-5-172-173-28081-8ae1151e-6107-4c74-abee-56aa3d18f04f/clients/208203/manifest_8776950644449573834.json query: 35136095 location: s3_utility.cpp:387 process: padbmaster [pid=1073922562] -----------------------------------------------<CODE></CODE></PRE> <P><STRONG>Additional Context:</STRONG></P> <UL> <LI>The connection to <STRONG>S3 appears to be failing only when the SSH tunnel is enabled</STRONG>, even though the test connection succeeds.</LI> <LI>The issue does <STRONG>not</STRONG> occur when Redshift is publicly accessible.</LI> <LI>We need to resolve this urgently, as keeping the database publicly accessible is <STRONG>not an acceptable security posture</STRONG>.</LI> </UL> <H3><STRONG>Questions for Support:</STRONG></H3> <OL> <LI><STRONG>Why does data loading to Redshift fail when using an SSH tunnel while the test connection still succeeds?</STRONG></LI> <LI><STRONG>Are there additional configurations required for Stitch to properly load data when using an SSH tunnel?</STRONG></LI> <LI><STRONG>Could there be a network routing issue with the SSH tunnel preventing access to AWS S3?</STRONG></LI> <LI><STRONG>Are there specific firewall rules, allowlists, or additional settings required for SSH tunnel-based connections to work with Stitch?</STRONG></LI> </OL> <H3><STRONG>Request for Resolution:</STRONG></H3> <P>We need guidance on how to configure Stitch properly to <STRONG>support SSH tunnel connections while ensuring data loading works as expected</STRONG>.</P> <P><STRONG>Appreciate any assistance from the Qlik support team!</STRONG></P> Tue, 25 Feb 2025 08:18:12 GMT https://community.qlik.com/t5/Stitch/Stitch-Data-Loading-Fails-When-Using-SSH-Tunnel-to-Amazon/m-p/2507205#M85 jhteam 2025-02-25T08:18:12Z