0

I'm having a problem when trying to get an object from S3. The credentials are all right, using them with SMTP worked. Already tried given it full access do S3. It will always results at same thing:

The request signature we calculated does not match the signature you provided. Check your key and signing method.

Checked object key, bucket name and region. Nothing seems to be odd.

EDIT: Link of the code: https://github.com/darakeon/dfm/blob/4.6.3.2/email/Redirector/S3.cs

EDIT2:

What solved for me:

I was trying to use same user for SES and S3. For some reason, and user of SES cannot be used for other services and an user of other services cannot be used by SES.

I did not realized that earlier because I was using one user at S3 and EC2 at same time and there was no problem. So, if you have same problem, check if you are using in one service an user that you actually created in another service dashboard."

Dara Keon
  • 21
  • 7
  • "Signature not matching" is not a network credential error that is used by SMTP. It is a TLS authentication saying the signed signature in a certificate is not working. – jdweng Jan 14 '21 at 14:53
  • You could try to explicitly connect to the API endpoint in the region of the bucket. In the past I had signature algorithm problems when it was using the us-east-1 endpoint for buckets in eu-central-1. – Maurice Jan 14 '21 at 14:54
  • The user is the same I use for SES service is what I wanted to say (just to tell the key and secret are right), @jdweng – Dara Keon Jan 14 '21 at 15:08
  • @Maurice, the region is Oregon, and I'm passing RegionEndpoint.USWest2 – Dara Keon Jan 14 '21 at 15:10
  • This has nothing to do with the user. It is a certificate that is used by TLS authentication. – jdweng Jan 14 '21 at 15:12
  • @jdweng, this is the code of SMTP, but this is not the question, I just mentioned is the same user to tell the password is not wrong https://github.com/darakeon/dfm/blob/4.6.3.2/email/Redirector/Email.cs#L44 – Dara Keon Jan 14 '21 at 15:16
  • Why do you think this error is a credential error??? It is a Signature error which is completely different. – jdweng Jan 14 '21 at 15:20
  • I'm not saying this is a credential error, I'm saying couldn't be a credential error because the password is correct. A bunch of places I looked, trying to find out what is the problem, people resolved this error fixing the credentials, that's why I made clear from the begining that this is not the credentials the problem – Dara Keon Jan 14 '21 at 15:26
  • @jdweng, like this one: https://stackoverflow.com/questions/2777078/amazon-mws-request-signature-calculated-does-not-match-the-signature-provided – Dara Keon Jan 14 '21 at 15:38
  • The link says : "secret key in my credentials file". The secret key comes from a certificate. The link is from 2016 and the authentication method probably has been updated to use TLS which is more secure. Over the last 5 years everybody has move to TLS authentication using either TLS 1.2 or 1.3. So instead of entering a secrete key in code it comes from the certificate. – jdweng Jan 14 '21 at 16:00
  • All the examples of AmazonS3Client I saw are using IAM user with AccessKeyId and SecretAccessKey, or adding this by config, or with this saved in OS as variable or in a file at user folder. Do you know any link using this way you are saying to connect to S3? – Dara Keon Jan 14 '21 at 19:24
  • Using an IAM that had not "/" in its secret and the communication worked finely. Still want to look for how to scape the "/" sign. – Dara Keon Jan 14 '21 at 19:44
  • Actually, you cannot use SMTP credentials for another thing neither other thing credential to SMTP – Dara Keon Jan 14 '21 at 20:23
  • (was about that you were talking about? I'm still using IAM credentials for SMTP, but different ones) – Dara Keon Jan 14 '21 at 21:28

0 Answers0