Home/ Questions/Q 4267848
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-21T06:57:19+00:00

I’ve tried everything here, but the Amazon Load Balancer API just will not accept

  • 0

I’ve tried everything here, but the Amazon Load Balancer API just will not accept my signature.

Whatever I try, I get a “403 SignatureDoesNotMatch” response. I’m probably missing something obvious, but having spent hours trying to figure out what that is, I’m at the end of my tether. Please help!! Thanks.

Here’s my code:

Public Sub DeregisterInstanceFromLoadBalance(ByVal strServerID As String)
    Dim strURL As String
    strURL = "http://elasticloadbalancing.amazonaws.com/?"
    Dim strTimestamp As String = PercentEncodeRfc3986(DateTime.UtcNow.ToString("yyyy-MM-dd'T'HH:mm:ss'Z'"))

    Dim strParams As String
    strParams = "AWSAccessKeyId=<MY_API_KEY>" & _
    "&Action=DeregisterInstancesFromLoadBalancer" & _
    "&Instances.member.N=" & strServerID & _
    "&LoadBalancerName=ATTB" & _
    "&SignatureMethod=HmacSHA256" & _
    "&SignatureVersion=2" & _
    "&Timestamp=" & strTimestamp & _
    "&Version=2009-05-15"

    Dim strStringToSign As String = "GET\nelasticloadbalancing.amazonaws.com\n/\n" & strParams

    strURL = strURL & strParams & "&Signature=" & PercentEncodeRfc3986(HashString(strStringToSign))

    Dim wc As New WebClient()
    Dim strResponse As String
    strResponse = wc.DownloadString(strURL)

End Sub


Private Const PRIVATE_KEY As String = "<MY_PRIVATE_KEY>"

Private Function HashString(ByVal StringToHash As String) As String
    Dim Key() As Byte = Encoding.UTF8.GetBytes(PRIVATE_KEY)
    Dim XML() As Byte = Encoding.UTF8.GetBytes(StringToHash)
    Dim myHMACSHA256 As New System.Security.Cryptography.HMACSHA256(Key)
    Dim HashCode As Byte() = myHMACSHA256.ComputeHash(XML)
    Return Convert.ToBase64String(HashCode)
End Function


Private Function PercentEncodeRfc3986(ByVal str As String) As String

    str = HttpUtility.UrlEncode(str, System.Text.Encoding.UTF8)
    str = str.Replace("'", "%27").Replace("(", "%28").Replace(")", "%29").Replace("*", "%2A").Replace("!", "%21").Replace("%7e", "~").Replace("+", "%20").Replace("%7E", "~")

    Dim sbuilder As StringBuilder = New StringBuilder(str)
    For i As Int32 = 0 To sbuilder.Length - 1

        If sbuilder(i) = "%" Then
            If (Char.IsLetter(sbuilder(i + 1)) OrElse Char.IsLetter(sbuilder(i + 2))) Then
                sbuilder(i + 1) = Char.ToUpper(sbuilder(i + 1))
                sbuilder(i + 2) = Char.ToUpper(sbuilder(i + 2))
            End If
        End If
    Next
    Return sbuilder.ToString()
End Function
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Ok, I got to the bottom of this. There were a few problems; not least Amazon’s documentation.

    • In VB.Net, I should have been using ControlChars.Lf rather than “\n”
    • The Instances.member.N parameter as documented
      is just wrong, it should be
      Instances.member.[N].InstanceId, where [N] is the instance index,
      starting at 1. This was returning
      the rather confusing error message
      “LoadBalancerNotFound”.
    • The correct domain is elasticloadbalancing.[availability_zone].amazonaws.com; the examples used in the docs don’t make this particularly clear either. (although domain usage is documented elsewhere)
    • 0