PHP调用AWS SES服务发送邮件报403 Forbidden SignatureDoesNotMatch

错误描述

使用sdk-for-phphttps://docs.aws.amazon.com/zh_cn/sdk-for-php/v3/developer-guide/welcome.html

1
2
3
4
5
6
$emailConfig     = [
'key' => 'xxxxxx',
'secret' => 'xxxxxx',
'region' => 'us-east-1',
'sender' => 'support@appblog.cn',
];
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
Error executing "SendRawEmail" on "https://email.us-east-1.amazonaws.com"; AWS HTTP error: Client error: `POST https://email.us-east-1.amazonaws.com` resulted in a `403 Forbidden` response:
<ErrorResponse xmlns="http://ses.amazonaws.com/doc/2010-12-01/">
<Error>
<Type>Sender</Type>
<Code>SignatureDo (truncated...)
SignatureDoesNotMatch (client): The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.

The Canonical String for this request should have been
'POST
/

host:email.us-east-1.amazonaws.com
x-amz-date:20210330T020743Z

host;x-amz-date
e921dae6c46aa9c5db01b8aa68fefc10794c65c6612987d85d1c3482943b2eba'

The String-to-Sign should have been
'AWS4-HMAC-SHA256
20210330T020743Z
20210330/us-east-1/ses/aws4_request
968b7b0686f381beefac6be2b39637cd5ed83071624c4a47f3d6a6bad89b5c1c'
- <ErrorResponse xmlns="http://ses.amazonaws.com/doc/2010-12-01/">
<Error>
<Type>Sender</Type>
<Code>SignatureDoesNotMatch</Code>
<Message>The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.

The Canonical String for this request should have been
'POST
/

host:email.us-east-1.amazonaws.com
x-amz-date:20210330T020743Z

host;x-amz-date
e921dae6c46aa9c5db01b8aa68fefc10794c65c6612987d85d1c3482943b2eba'

The String-to-Sign should have been
'AWS4-HMAC-SHA256
20210330T020743Z
20210330/us-east-1/ses/aws4_request
968b7b0686f381beefac6be2b39637cd5ed83071624c4a47f3d6a6bad89b5c1c'
</Message>
</Error>
<RequestId>f020662d-0b8d-432b-93af-0b649a0c2a21</RequestId>
</ErrorResponse>

解决方法

参考:https://stackoverflow.com/questions/38914755/aws-ses-403-permissions-error-with-laravel

I was also facing this issue and had eaten up a few hours of mine. The solution is simple. Do not use the SMTP credential as your username and password. Instead, go to IAM, create a new user and add SES permission. Then try again !!!

即不使用SES服务的SMTP Credentials,而是在IAM服务自行创建新用户,并赋予权限策略AmazonSESFullAccess,重新配置秘钥:

  • Access key ID
  • Secret access key

Powered by AppBlog.CN     浙ICP备14037229号

Copyright © 2012 - 2021 APP开发技术博客 All Rights Reserved.

访客数 : | 访问量 :