I know there are about 8 questions of similar titles asked already on SO, but none of them helped me with my issue.
So, I'm trying to post my question here:
I keep getting this well known SignatureDoesNotMatch error, looks pretty simple and straightforward, but I'm not able to sort it out, so please help.
Here's my Java code that throws this exception:
public static void main(String[] args) {
AWSCredentials credentials = null;
try {
credentials = new ProfileCredentialsProvider("default").getCredentials();
} catch (Exception e) {
throw new AmazonClientException("Cannot load the credentials from the credential profiles file. "
+ "Please make sure that your credentials file is at the correct "
+ "location (/Users/USERNAME/.aws/credentials), and is in valid format.", e);
}
AmazonElastiCacheClient client = new AmazonElastiCacheClient(credentials);
client.setRegion(Region.getRegion(Regions.AP_NORTHEAST_2));
DescribeCacheClustersRequest dccRequest = new DescribeCacheClustersRequest();
dccRequest.setShowCacheNodeInfo(true);
DescribeCacheClustersResult clusterResult = client.describeCacheClusters(dccRequest);
The last line in the above code segment keeps throwing the following stacktrace:
Exception in thread "main" com.amazonaws.services.elasticache.model.AmazonElastiCacheException: The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.
The Canonical String for this request should have been
'POST
/
amz-sdk-invocation-id:84ad8256-0ff0-343d-2f8d-6794d303d9c3
amz-sdk-retry:3/246/485
host:elasticache.ap-northeast-2.amazonaws.com
user-agent:aws-sdk-java/1.11.75 Mac_OS_X/10.11.6 Java_HotSpot(TM)_64-Bit_Server_VM/25.102-b14/1.8.0_102
x-amz-date:20161231T043533Z
amz-sdk-invocation-id;amz-sdk-retry;host;user-agent;x-amz-date
2747a03a915959eb5776c08ca15deccb190033381677a3b9dbaf8fc42fa54a0c'
The String-to-Sign should have been
'AWS4-HMAC-SHA256
20161231T043533Z
20161231/ap-northeast-2/elasticache/aws4_request
3e08746ee0b6cb44c7dcbbef810682adade54dbcc143688a47890a7baa90577a' (Service: AmazonElastiCache; Status Code: 403; Error Code: SignatureDoesNotMatch; Request ID: 910c6c16-cf12-11e6-bf57-4b2610895ff0)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.handleErrorResponse(AmazonHttpClient.java:1586)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeOneRequest(AmazonHttpClient.java:1254)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeHelper(AmazonHttpClient.java:1035)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.doExecute(AmazonHttpClient.java:747)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeWithTimer(AmazonHttpClient.java:721)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.execute(AmazonHttpClient.java:704)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.access$500(AmazonHttpClient.java:672)
at com.amazonaws.http.AmazonHttpClient$RequestExecutionBuilderImpl.execute(AmazonHttpClient.java:654)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:518)
at com.amazonaws.services.elasticache.AmazonElastiCacheClient.doInvoke(AmazonElastiCacheClient.java:2725)
at com.amazonaws.services.elasticache.AmazonElastiCacheClient.invoke(AmazonElastiCacheClient.java:2701)
at com.amazonaws.services.elasticache.AmazonElastiCacheClient.describeCacheClusters(AmazonElastiCacheClient.java:1431)
at sporadic.AmazonElastiCacheClientExample.main(AmazonElastiCacheClientExample.java:44)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at com.intellij.rt.execution.application.AppMain.main(AppMain.java:147)
My specs: aws-java-sdk is 1.11.75 (latest version as of 12/30/2016). java: 1.8.0_102
Also, I used the same credentials at /.aws/credentials to log into AWS console from Chrome, and I'm able to view my Elasticache instances fine. So I don't see anything wrong with my credentials.
Please help. I also posted my question on Github: https://github.com/aws/aws-sdk-java/issues/967
I tested your code with AWS Java SDK 1.11.75 against various Java 7 and 8 runtimes and the code worked fine in all cases. So, I think the code is fine.
I was, however, able to repro the issue by deliberately using a bad secret access key. Are your access key ID and secret access key both correct?