Reputation: 390
Signature does not match - same implementation is working in different env
I'm using aws-java-sdk-sts', version: '1.12.166' to try to connect to sqs queue and read messages from it and route them with Apache camel camel-aws-sqs:3.0.0 to a route when I deploy my solution I get the following error:
Failed polling endpoint: aws-sqs://MY-QUEUE-IN? accessKey=AKIXXXXXXXXXXXXXXXX&autoCreateQueue=false&maxMessagesPerPoll=1&queueUrl=https%3A%2F%2Fsqs.eu-central-1.amazonaws.com%2F111111111111%2FMY-QUEUE-IN-IN®ion=EU_CENTRAL_1&secretKey=xxxxxx.
Will try again at next poll.
Caused by: [com.amazonaws.services.sqs.model.AmazonSQSException - The request signature we calculated does not match the signature you provided.
Check your AWS Secret Access Key and signing method. Consult the service documentation for details.
The Canonical String for this request should have been\n'POST\n/111111111111/MY-QUEUE-IN\n\namz-sdk-invocation-id:cc8c4702-664c-e76e-c071-ca02662a9aed\namz-sdk-request:ttl=20220812T181141Z;attempt=1;max=4\namz-sdk-retry:0/0/0\nhost:sqs.eu-central-1.amazonaws.com\nuser-agent:aws-sdk-java/1.12.166 Linux/5.4.172-90.336.amzn2.x86_64 OpenJDK_64-Bit_Server_VM/25.242-b08 java/1.8.0_242 vendor/IcedTea cfg/retry-mode/legacy\nx-amz-date:20220812T181051Z\n\namz-sdk-invocation-id;amz-sdk-request;amz-sdk-retry;host;user-agent;x-amz-date\n62bd803266d1241d4d977f450bc1dec1a924d61a9fe6e7ca76a26c6acf706134' The String-to-Sign should have been\n'AWS4-HMAC-SHA256\n20220812T181051Z\n20220812/eu-central-1/sqs/aws4_request\n8d1d936c48bdd037fdc35a20cbcfdc3da6b6275e753d2d821c689ce7690c8de8' (Service: AmazonSQS; Status Code: 403;
The code I use to send the request
from("aws-sqs:" + QueueName +
"?queueUrl=" + Endpoint + QueueName+
"&accessKey=" + AccessKey +
"&secretKey=" + SecretKey +
"®ion=" + Region +
"&autoCreateQueue=false" +
"&maxMessagesPerPoll=" + pollingMessagesMax
)
I provide these params via config file that I pass:
- QUEUENAME: 'MY-QUEUE-IN'
- ENDPOINT: 'https://sqs.eu-central-1.amazonaws.com/111111111111/'
- REGION: 'EU_CENTRAL_1'
and the access and secretKey are defined in my secret.
I'm using the same SDK in a different env with same implementation and it's working only difference I have is in this env I have different access and secretkey
My secret key in this env contains // something like ABCDHERMHHJJJJJq+PU/dGejhdsh/wE7lwHtqjAHJKL
I read that could be the issue
Upvotes: 0
Views: 161
Answers (1)
Reputation: 390
The issue was fixed when I generated a new secretKey that doesn't contains '+' character.somehow the '+' charater in the key was the cause of the issue
Upvotes: 0
Related Questions
- Amazon S3 Signature Does Not Match - AWS SDK Java
- Error: Signature matches only once in EC2 API request
- Status Code 403: SignatureDoesNotMatch when I am using Amazon SES
- AWS SignatureDoesNotMatch
- The request signature we calculated does not match the signature you provided
- SignatureDoesNotMatch, The request signature we calculated does not match the signature you provided
- AWS SignatureDoesNotMatch error
- Amazon AWS Signature V4 Java gives Wrong Encoding
- Certificate signature validation failed
- REST service signature using AWS