AWS SQS - Openvpn - Error: SignatureDoesNotMatch
A customer asked: > I'm having trouble generating the VPN configuration file: What is it using for the signature? `$ openvpn-admin_windows_amd64.exe request --aws-region us-east-1 --username test ` And the error I'm receiving is: ``` ERROR: SignatureDoesNotMatch: The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details. ``` --- <ins datetime="2022-05-27T17:23:37Z"> <p><a href="https://support.gruntwork.io/hc/requests/108671">Tracked in ticket #108671</a></p> </ins>
This is most likely an issue with the AWS Credentials that you provided to the openvpn-admin utility. We use the AWS SDK to handle the authentication, so the signature method itself is unlikely to be an issue. I would double check the following things to make sure they aren't misconfigured: - How are you authenticating the CLI to AWS? Depending on your method, make sure the environment variables or configuration file don't have extra or missing characters in the values. The most common issue is leading or trailing spaces, which the SDK is sensitive to. - Do you have clock skew? The signature is calculated based on time, so if your hardware clock drifts from AWS servers, that can mess up the signature algorithm. Make sure the hardware clock of your system matches the world clock down to the second (e.g., [this one](https://www.timeanddate.com/worldclock/)).