AWS SignatureDoesNotMatch 错误
AWS SignatureDoesNotMatch error
我知道 SO 上已经问了大约 8 个类似标题的问题,但其中 none 帮助我解决了我的问题。
所以,我正在尝试 post 我的问题:
我一直收到这个众所周知的 SignatureDoesNotMatch 错误,看起来非常简单明了,但我无法解决这个问题,所以请帮忙。
这是我的 Java 抛出此异常的代码:
public static void main(String[] args) {
AWSCredentials credentials = null;
try {
credentials = new ProfileCredentialsProvider("default").getCredentials();
} catch (Exception e) {
throw new AmazonClientException("Cannot load the credentials from the credential profiles file. "
+ "Please make sure that your credentials file is at the correct "
+ "location (/Users/USERNAME/.aws/credentials), and is in valid format.", e);
}
AmazonElastiCacheClient client = new AmazonElastiCacheClient(credentials);
client.setRegion(Region.getRegion(Regions.AP_NORTHEAST_2));
DescribeCacheClustersRequest dccRequest = new DescribeCacheClustersRequest();
dccRequest.setShowCacheNodeInfo(true);
DescribeCacheClustersResult clusterResult = client.describeCacheClusters(dccRequest);
上述代码段的最后一行不断抛出以下堆栈跟踪:
Exception in thread "main" com.amazonaws.services.elasticache.model.AmazonElastiCacheException: The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.
The Canonical String for this request should have been
'POST
/
amz-sdk-invocation-id:84ad8256-0ff0-343d-2f8d-6794d303d9c3
amz-sdk-retry:3/246/485
host:elasticache.ap-northeast-2.amazonaws.com
user-agent:aws-sdk-java/1.11.75 Mac_OS_X/10.11.6 Java_HotSpot(TM)_64-Bit_Server_VM/25.102-b14/1.8.0_102
x-amz-date:20161231T043533Z
amz-sdk-invocation-id;amz-sdk-retry;host;user-agent;x-amz-date
2747a03a915959eb5776c08ca15deccb190033381677a3b9dbaf8fc42fa54a0c'
The String-to-Sign should have been
'AWS4-HMAC-SHA256
20161231T043533Z
20161231/ap-northeast-2/elasticache/aws4_request
3e08746ee0b6cb44c7dcbbef810682adade54dbcc143688a47890a7baa90577a' (Service: AmazonElastiCache; Status Code: 403; Error Code: SignatureDoesNotMatch; Request ID: 910c6c16-cf12-11e6-bf57-4b2610895ff0)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.handleErrorResponse(AmazonHttpClient.java:1586)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeOneRequest(AmazonHttpClient.java:1254)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeHelper(AmazonHttpClient.java:1035)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.doExecute(AmazonHttpClient.java:747)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeWithTimer(AmazonHttpClient.java:721)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.execute(AmazonHttpClient.java:704)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.access0(AmazonHttpClient.java:672)
at com.amazonaws.http.AmazonHttpClient$RequestExecutionBuilderImpl.execute(AmazonHttpClient.java:654)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:518)
at com.amazonaws.services.elasticache.AmazonElastiCacheClient.doInvoke(AmazonElastiCacheClient.java:2725)
at com.amazonaws.services.elasticache.AmazonElastiCacheClient.invoke(AmazonElastiCacheClient.java:2701)
at com.amazonaws.services.elasticache.AmazonElastiCacheClient.describeCacheClusters(AmazonElastiCacheClient.java:1431)
at sporadic.AmazonElastiCacheClientExample.main(AmazonElastiCacheClientExample.java:44)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at com.intellij.rt.execution.application.AppMain.main(AppMain.java:147)
我的规格:
aws-java-sdk 是 1.11.75(截至 2016 年 12 月 30 日的最新版本)。
java: 1.8.0_102
此外,我在 /.aws/credentials 使用相同的凭据从 Chrome 登录 AWS 控制台,我能够正常查看我的 Elasticache 实例。
所以我没有发现我的凭据有任何问题。
请帮忙。
我还 post 在 Github 上编辑了我的问题:https://github.com/aws/aws-sdk-java/issues/967
我使用 AWS Java SDK 1.11.75 针对各种 Java 7 和 8 运行时测试了您的代码,代码在所有情况下都运行良好。所以,我觉得代码没问题。
但是,我能够通过故意使用错误的秘密访问密钥来重现该问题。您的访问密钥 ID 和秘密访问密钥都正确吗?
我知道 SO 上已经问了大约 8 个类似标题的问题,但其中 none 帮助我解决了我的问题。
所以,我正在尝试 post 我的问题:
我一直收到这个众所周知的 SignatureDoesNotMatch 错误,看起来非常简单明了,但我无法解决这个问题,所以请帮忙。
这是我的 Java 抛出此异常的代码:
public static void main(String[] args) {
AWSCredentials credentials = null;
try {
credentials = new ProfileCredentialsProvider("default").getCredentials();
} catch (Exception e) {
throw new AmazonClientException("Cannot load the credentials from the credential profiles file. "
+ "Please make sure that your credentials file is at the correct "
+ "location (/Users/USERNAME/.aws/credentials), and is in valid format.", e);
}
AmazonElastiCacheClient client = new AmazonElastiCacheClient(credentials);
client.setRegion(Region.getRegion(Regions.AP_NORTHEAST_2));
DescribeCacheClustersRequest dccRequest = new DescribeCacheClustersRequest();
dccRequest.setShowCacheNodeInfo(true);
DescribeCacheClustersResult clusterResult = client.describeCacheClusters(dccRequest);
上述代码段的最后一行不断抛出以下堆栈跟踪:
Exception in thread "main" com.amazonaws.services.elasticache.model.AmazonElastiCacheException: The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.
The Canonical String for this request should have been
'POST
/
amz-sdk-invocation-id:84ad8256-0ff0-343d-2f8d-6794d303d9c3
amz-sdk-retry:3/246/485
host:elasticache.ap-northeast-2.amazonaws.com
user-agent:aws-sdk-java/1.11.75 Mac_OS_X/10.11.6 Java_HotSpot(TM)_64-Bit_Server_VM/25.102-b14/1.8.0_102
x-amz-date:20161231T043533Z
amz-sdk-invocation-id;amz-sdk-retry;host;user-agent;x-amz-date
2747a03a915959eb5776c08ca15deccb190033381677a3b9dbaf8fc42fa54a0c'
The String-to-Sign should have been
'AWS4-HMAC-SHA256
20161231T043533Z
20161231/ap-northeast-2/elasticache/aws4_request
3e08746ee0b6cb44c7dcbbef810682adade54dbcc143688a47890a7baa90577a' (Service: AmazonElastiCache; Status Code: 403; Error Code: SignatureDoesNotMatch; Request ID: 910c6c16-cf12-11e6-bf57-4b2610895ff0)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.handleErrorResponse(AmazonHttpClient.java:1586)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeOneRequest(AmazonHttpClient.java:1254)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeHelper(AmazonHttpClient.java:1035)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.doExecute(AmazonHttpClient.java:747)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeWithTimer(AmazonHttpClient.java:721)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.execute(AmazonHttpClient.java:704)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.access0(AmazonHttpClient.java:672)
at com.amazonaws.http.AmazonHttpClient$RequestExecutionBuilderImpl.execute(AmazonHttpClient.java:654)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:518)
at com.amazonaws.services.elasticache.AmazonElastiCacheClient.doInvoke(AmazonElastiCacheClient.java:2725)
at com.amazonaws.services.elasticache.AmazonElastiCacheClient.invoke(AmazonElastiCacheClient.java:2701)
at com.amazonaws.services.elasticache.AmazonElastiCacheClient.describeCacheClusters(AmazonElastiCacheClient.java:1431)
at sporadic.AmazonElastiCacheClientExample.main(AmazonElastiCacheClientExample.java:44)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at com.intellij.rt.execution.application.AppMain.main(AppMain.java:147)
我的规格: aws-java-sdk 是 1.11.75(截至 2016 年 12 月 30 日的最新版本)。 java: 1.8.0_102
此外,我在 /.aws/credentials 使用相同的凭据从 Chrome 登录 AWS 控制台,我能够正常查看我的 Elasticache 实例。 所以我没有发现我的凭据有任何问题。
请帮忙。 我还 post 在 Github 上编辑了我的问题:https://github.com/aws/aws-sdk-java/issues/967
我使用 AWS Java SDK 1.11.75 针对各种 Java 7 和 8 运行时测试了您的代码,代码在所有情况下都运行良好。所以,我觉得代码没问题。
但是,我能够通过故意使用错误的秘密访问密钥来重现该问题。您的访问密钥 ID 和秘密访问密钥都正确吗?