Specifying a port in s3cmd makes v4 fail

Here is the s3cmd command and its output:

# s3cmd --debug -c s3cfg.mem-v4 mb s3://testbucket
DEBUG: s3cmd version 1.6.1
DEBUG: ConfigParser: Reading file 's3cfg.mem-v4'
DEBUG: ConfigParser: access_key->ac...7_chars...1
DEBUG: ConfigParser: secret_key->ve...11_chars...1
DEBUG: ConfigParser: host_base->{{HOST}}:80
DEBUG: ConfigParser: host_bucket->%(bucket)s.{{HOST}}:80
DEBUG: ConfigParser: signature_v2->False
DEBUG: ConfigParser: use_https->False
DEBUG: ConfigParser: website_endpoint->http://192.168.1.101:80/answertoall
DEBUG: Updating Config.Config cache_file -> 
DEBUG: Updating Config.Config follow_symlinks -> False
DEBUG: Updating Config.Config verbosity -> 10
DEBUG: Unicodising 'mb' using UTF-8
DEBUG: Unicodising 's3://testbucket' using UTF-8
DEBUG: Command: mb
DEBUG: CreateRequest: resource[uri]=/
DEBUG: Using signature v4
DEBUG: get_hostname(testbucket): testbucket.{{HOST}}:80
DEBUG: canonical_headers = host:testbucket.{{HOST}}:80
x-amz-content-sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
x-amz-date:20160628T105414Z

DEBUG: Canonical Request:
PUT
/

host:testbucket.{{HOST}}:80
x-amz-content-sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
x-amz-date:20160628T105414Z

host;x-amz-content-sha256;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
----------------------
DEBUG: signature-v4 headers: {'x-amz-content-sha256': 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', 'Authorization': 'AWS4-HMAC-SHA256 Credential=accessKey1/20160628/US/s3/aws4_request,SignedHeaders=host;x-amz-content-sha256;x-amz-date,Signature=44805e7ecae4b14c918a92142513f58b19dbc3051b175f66fe85d8c3b322b237', 'x-amz-date': '20160628T105414Z'}
DEBUG: Processing request, please wait...
DEBUG: get_hostname(testbucket): testbucket.{{HOST}}:80
DEBUG: ConnMan.get(): creating new connection: http://testbucket.{{HOST}}:80
DEBUG: non-proxied HTTPConnection(testbucket.{{HOST}}:80)
DEBUG: format_uri(): /
DEBUG: Sending request method_string='PUT', uri='/', headers={'x-amz-content-sha256': 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', 'Authorization': 'AWS4-HMAC-SHA256 Credential=accessKey1/20160628/US/s3/aws4_request,SignedHeaders=host;x-amz-content-sha256;x-amz-date,Signature=44805e7ecae4b14c918a92142513f58b19dbc3051b175f66fe85d8c3b322b237', 'x-amz-date': '20160628T105414Z'}, body=(0 bytes)
DEBUG: Response: {'status': 403, 'headers': {'x-amz-id-2': '781591391d87c1f6a3d3', 'server': 'AmazonS3', 'transfer-encoding': 'chunked', 'connection': 'keep-alive', 'x-amz-request-id': '781591391d87c1f6a3d3', 'date': 'Tue, 28 Jun 2016 10:54:15 GMT', 'content-type': 'application/xml'}, 'reason': 'Forbidden', 'data': '<?xml version="1.0" encoding="UTF-8"?><Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided.</Message><Resource></Resource><RequestId>781591391d87c1f6a3d3</RequestId></Error>'}
DEBUG: ConnMan.put(): connection put back to pool (http://testbucket.{{HOST}}:80#1)
DEBUG: S3Error: 403 (Forbidden)
DEBUG: HttpHeader: x-amz-id-2: 781591391d87c1f6a3d3
DEBUG: HttpHeader: server: AmazonS3
DEBUG: HttpHeader: transfer-encoding: chunked
DEBUG: HttpHeader: connection: keep-alive
DEBUG: HttpHeader: x-amz-request-id: 781591391d87c1f6a3d3
DEBUG: HttpHeader: date: Tue, 28 Jun 2016 10:54:15 GMT
DEBUG: HttpHeader: content-type: application/xml
DEBUG: ErrorXML: Code: 'SignatureDoesNotMatch'
DEBUG: ErrorXML: Message: 'The request signature we calculated does not match the signature you provided.'
DEBUG: ErrorXML: Resource: None
DEBUG: ErrorXML: RequestId: '781591391d87c1f6a3d3'
ERROR: S3 error: 403 (SignatureDoesNotMatch): The request signature we calculated does not match the signature you provided.

And here is the log from our Kibana instance (First, the CanonicalRequest, and second the constructed stringToSign):

{
  "_index": "logstash-scality-2016.06.28",
  "_type": "log",
  "_id": "AVWWpUvFjIh-3to3jiRi",
  "_score": null,
  "_source": {
    "name": "S3",
    "bucketName": "testbucket",
    "canonicalReqResult": "PUT\n/\n\nhost:testbucket.{{HOST}}\nx-amz-content-sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855\nx-amz-date:20160628T105414Z\n\nhost;x-amz-content-sha256;x-amz-date\ne3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
    "req_id": "781591391d87c1f6a3d3",
    "level": "debug",
    "message": "constructed canonicalRequest",
    "hostname": "connect05.scality.riakpoc.local",
    "pid": 85,
    "@version": "1",
    "@timestamp": "2016-06-28T10:54:15.022Z",
    "fields": {},
    "beat": {},
    "type": "log",
    "count": 1
  },
  "fields": {
    "@timestamp": [
      1467111255022
    ]
  },
  "highlight": {
    "req_id": [
      "@kibana-highlighted-field@781591391d87c1f6a3d3@/kibana-highlighted-field@"
    ],
    "req_id.raw": [
      "@kibana-highlighted-field@781591391d87c1f6a3d3@/kibana-highlighted-field@"
    ]
  },
  "sort": [
    1467111255022
  ]
}
{
  "_index": "logstash-scality-2016.06.28",
  "_type": "log",
  "_id": "AVWWpUvFjIh-3to3jiRl",
  "_score": null,
  "_source": {
    "name": "S3",
    "bucketName": "testbucket",
    "stringToSign": "AWS4-HMAC-SHA256\n20160628T105414Z\n20160628/US/s3/aws4_request\n1dff0237362e0f8b069cba1748f99ccca9221cc54a6d37187a268071d38e65e4",
    "req_id": "781591391d87c1f6a3d3",
    "level": "trace",
    "message": "constructed stringToSign",
    "hostname": "connect05.scality.riakpoc.local",
    "pid": 85,
    "@version": "1",
    "@timestamp": "2016-06-28T10:54:15.022Z",
    "type": "log",
    "count": 1,
    "fields": {},
    "beat": {}
  },
  "fields": {
    "@timestamp": [
      1467111255022
    ]
  },
  "highlight": {
    "req_id": [
      "@kibana-highlighted-field@781591391d87c1f6a3d3@/kibana-highlighted-field@"
    ],
    "req_id.raw": [
      "@kibana-highlighted-field@781591391d87c1f6a3d3@/kibana-highlighted-field@"
    ]
  },
  "sort": [
    1467111255022
  ]
}

As you can see, comparing the two canonical Requests:
(from s3cmd)

PUT
/

host:testbucket.{{HOST}}:80
x-amz-content-sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
x-amz-date:20160628T105414Z

host;x-amz-content-sha256;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

(from S3)

PUT
/

host:testbucket.{{HOST}}
x-amz-content-sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
x-amz-date:20160628T105414Z

host;x-amz-content-sha256;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

We can see that the only difference is that s3cmd includes the target's port into the canonical request, while the S3 server computes it without a port. In this setup here, we're using HAProxy to load-balance the requests only multiple S3 servers, so it makes sense to avoid using the port inside S3; but as s3cmd is actually using it, it may make the v4 auth fail for no real valid reason.

I do not think it is for us to fix, but we should at least document it properly.

@vrancurel @GiorgioRegni what is your take on this ?

[LaurenSpiegel]

How are you specifying the port? What does your cfg look like?

Essentially:

[default]
access_key = accessKey1
secret_key = verySecretKey1
host_base = {{HOST}}:80
host_bucket = %(bucket)s.{{HOST}}:80
signature_v2 = False
use_https = False
website_endpoint = http://192.168.1.101:80/answertoall

As you can see, the port is specified with the :{{PORT}} syntax.

[LaurenSpiegel]

As discussed, the issue seems to be specifying port 80 rather than specifying any port since specifying 8000 works. We could test with other clients to see if assuming 80 if no port specified works.

[rahulreddy]

s3cmd seems to be having this problem with AWS S3 as well

➜  ~  s3cmd mb s3://demo --debug
DEBUG: s3cmd version 1.6.1
DEBUG: ConfigParser: Reading file '/Users/rahul/.s3cfg'
DEBUG: ConfigParser: access_key->AK...17_chars...A
DEBUG: ConfigParser: enable_multipart->True
DEBUG: ConfigParser: encrypt->False
DEBUG: ConfigParser: host_base->s3.amazonaws.com:80
DEBUG: ConfigParser: host_bucket->%(bucket).s3.amazonaws.com:80
DEBUG: ConfigParser: multipart_chunk_size_mb->5
DEBUG: ConfigParser: secret_key->Hk...37_chars...Z
DEBUG: ConfigParser: signature_v2->False
DEBUG: ConfigParser: use_https->False
DEBUG: Updating Config.Config cache_file ->
DEBUG: Updating Config.Config follow_symlinks -> False
DEBUG: Updating Config.Config verbosity -> 10
DEBUG: Unicodising 'mb' using UTF-8
DEBUG: Unicodising 's3://demo' using UTF-8
DEBUG: Command: mb
DEBUG: CreateRequest: resource[uri]=/
DEBUG: Using signature v4
DEBUG: get_hostname(demo): s3.amazonaws.com:80
DEBUG: canonical_headers = host:s3.amazonaws.com:80
x-amz-content-sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
x-amz-date:20160628T172406Z

DEBUG: Canonical Request:
PUT
/demo/

host:s3.amazonaws.com:80
x-amz-content-sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
x-amz-date:20160628T172406Z

host;x-amz-content-sha256;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
----------------------
DEBUG: signature-v4 headers: {'x-amz-content-sha256': 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', 'Authorization': 'AWS4-HMAC-SHA256 Credential=AKIAJBFO24EIJAUN24JA/20160628/US/s3/aws4_request,SignedHeaders=host;x-amz-content-sha256;x-amz-date,Signature=5c88789eac3575268cd1bb7435c175502b2052bf225504d7e5aa9ffb66b705da', 'x-amz-date': '20160628T172406Z'}
DEBUG: Processing request, please wait...
DEBUG: get_hostname(demo): s3.amazonaws.com:80
DEBUG: ConnMan.get(): creating new connection: http://s3.amazonaws.com:80
DEBUG: non-proxied HTTPConnection(s3.amazonaws.com:80)
DEBUG: format_uri(): /demo/
DEBUG: Sending request method_string='PUT', uri='/demo/', headers={'x-amz-content-sha256': 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', 'Authorization': 'AWS4-HMAC-SHA256 Credential=AKIAJBFO24EIJAUN24JA/20160628/US/s3/aws4_request,SignedHeaders=host;x-amz-content-sha256;x-amz-date,Signature=5c88789eac3575268cd1bb7435c175502b2052bf225504d7e5aa9ffb66b705da', 'x-amz-date': '20160628T172406Z'}, body=(0 bytes)
DEBUG: Response: {'status': 400, 'headers': {'x-amz-id-2': 'yxVTmkAK/L8VyB1EZyDi32U/4VKsFITLW5w6a4pAb2KNQN6SP8bZUvQuQToxkIoO8AqJCVL9h0o=', 'server': 'AmazonS3', 'transfer-encoding': 'chunked', 'connection': 'close', 'x-amz-request-id': '4D3EC53859DB181B', 'date': 'Tue, 28 Jun 2016 17:23:44 GMT', 'content-type': 'application/xml'}, 'reason': 'Bad Request', 'data': '<?xml version="1.0" encoding="UTF-8"?>\n<Error><Code>AuthorizationHeaderMalformed</Code><Message>The authorization header is malformed; the region \'US\' is wrong; expecting \'us-east-1\'</Message><Region>us-east-1</Region><RequestId>4D3EC53859DB181B</RequestId><HostId>yxVTmkAK/L8VyB1EZyDi32U/4VKsFITLW5w6a4pAb2KNQN6SP8bZUvQuQToxkIoO8AqJCVL9h0o=</HostId></Error>'}
DEBUG: ConnMan.put(): connection put back to pool (http://s3.amazonaws.com:80#1)
INFO: Forwarding request to us-east-1
DEBUG: Using signature v4
DEBUG: get_hostname(demo): s3.amazonaws.com:80
DEBUG: canonical_headers = host:s3.amazonaws.com:80
x-amz-content-sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
x-amz-date:20160628T172406Z

DEBUG: Canonical Request:
PUT
/demo/

host:s3.amazonaws.com:80
x-amz-content-sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
x-amz-date:20160628T172406Z

host;x-amz-content-sha256;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
----------------------
DEBUG: signature-v4 headers: {'x-amz-content-sha256': 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', 'x-amz-date': '20160628T172406Z', 'Authorization': u'AWS4-HMAC-SHA256 Credential=AKIAJBFO24EIJAUN24JA/20160628/us-east-1/s3/aws4_request,SignedHeaders=host;x-amz-content-sha256;x-amz-date,Signature=b824c9cac98548727b9f5d37a846f7861d016a67c0808abfa0fa8b5b60ae5256'}
DEBUG: Processing request, please wait...
DEBUG: get_hostname(demo): s3.amazonaws.com:80
DEBUG: ConnMan.get(): re-using connection: http://s3.amazonaws.com:80#1
DEBUG: format_uri(): /demo/
DEBUG: Sending request method_string='PUT', uri='/demo/', headers={'x-amz-content-sha256': 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', 'x-amz-date': '20160628T172406Z', 'Authorization': u'AWS4-HMAC-SHA256 Credential=AKIAJBFO24EIJAUN24JA/20160628/us-east-1/s3/aws4_request,SignedHeaders=host;x-amz-content-sha256;x-amz-date,Signature=b824c9cac98548727b9f5d37a846f7861d016a67c0808abfa0fa8b5b60ae5256'}, body=(0 bytes)
DEBUG: Response: {'status': 403, 'headers': {'x-amz-id-2': '70V5Ew7PF14d0QxKT59GhMEc0MOC1TSQ8TN5U6t9ouUoAQWp/l/4odiLtqDuuvRBxQBcH1Cv/aM=', 'server': 'AmazonS3', 'transfer-encoding': 'chunked', 'x-amz-request-id': '28D82BDDC61CEF61', 'date': 'Tue, 28 Jun 2016 17:23:45 GMT', 'content-type': 'application/xml'}, 'reason': 'Forbidden', 'data': '<?xml version="1.0" encoding="UTF-8"?>\n<Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message><AWSAccessKeyId>AKIAJBFO24EIJAUN24JA</AWSAccessKeyId><StringToSign>AWS4-HMAC-SHA256\n20160628T172406Z\n20160628/us-east-1/s3/aws4_request\n28c7dfca5f1168f0dcca7ea00e162428bfbedef4fa1134ad78ee62e5a6cc980b</StringToSign><SignatureProvided>b824c9cac98548727b9f5d37a846f7861d016a67c0808abfa0fa8b5b60ae5256</SignatureProvided><StringToSignBytes>41 57 53 34 2d 48 4d 41 43 2d 53 48 41 32 35 36 0a 32 30 31 36 30 36 32 38 54 31 37 32 34 30 36 5a 0a 32 30 31 36 30 36 32 38 2f 75 73 2d 65 61 73 74 2d 31 2f 73 33 2f 61 77 73 34 5f 72 65 71 75 65 73 74 0a 32 38 63 37 64 66 63 61 35 66 31 31 36 38 66 30 64 63 63 61 37 65 61 30 30 65 31 36 32 34 32 38 62 66 62 65 64 65 66 34 66 61 31 31 33 34 61 64 37 38 65 65 36 32 65 35 61 36 63 63 39 38 30 62</StringToSignBytes><CanonicalRequest>PUT\n/demo/\n\nhost:s3.amazonaws.com\nx-amz-content-sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855\nx-amz-date:20160628T172406Z\n\nhost;x-amz-content-sha256;x-amz-date\ne3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855</CanonicalRequest><CanonicalRequestBytes>50 55 54 0a 2f 64 65 6d 6f 2f 0a 0a 68 6f 73 74 3a 73 33 2e 61 6d 61 7a 6f 6e 61 77 73 2e 63 6f 6d 0a 78 2d 61 6d 7a 2d 63 6f 6e 74 65 6e 74 2d 73 68 61 32 35 36 3a 65 33 62 30 63 34 34 32 39 38 66 63 31 63 31 34 39 61 66 62 66 34 63 38 39 39 36 66 62 39 32 34 32 37 61 65 34 31 65 34 36 34 39 62 39 33 34 63 61 34 39 35 39 39 31 62 37 38 35 32 62 38 35 35 0a 78 2d 61 6d 7a 2d 64 61 74 65 3a 32 30 31 36 30 36 32 38 54 31 37 32 34 30 36 5a 0a 0a 68 6f 73 74 3b 78 2d 61 6d 7a 2d 63 6f 6e 74 65 6e 74 2d 73 68 61 32 35 36 3b 78 2d 61 6d 7a 2d 64 61 74 65 0a 65 33 62 30 63 34 34 32 39 38 66 63 31 63 31 34 39 61 66 62 66 34 63 38 39 39 36 66 62 39 32 34 32 37 61 65 34 31 65 34 36 34 39 62 39 33 34 63 61 34 39 35 39 39 31 62 37 38 35 32 62 38 35 35</CanonicalRequestBytes><RequestId>28D82BDDC61CEF61</RequestId><HostId>70V5Ew7PF14d0QxKT59GhMEc0MOC1TSQ8TN5U6t9ouUoAQWp/l/4odiLtqDuuvRBxQBcH1Cv/aM=</HostId></Error>'}
DEBUG: ConnMan.put(): connection put back to pool (http://s3.amazonaws.com:80#2)
DEBUG: S3Error: 403 (Forbidden)
DEBUG: HttpHeader: x-amz-id-2: 70V5Ew7PF14d0QxKT59GhMEc0MOC1TSQ8TN5U6t9ouUoAQWp/l/4odiLtqDuuvRBxQBcH1Cv/aM=
DEBUG: HttpHeader: server: AmazonS3
DEBUG: HttpHeader: transfer-encoding: chunked
DEBUG: HttpHeader: x-amz-request-id: 28D82BDDC61CEF61
DEBUG: HttpHeader: date: Tue, 28 Jun 2016 17:23:45 GMT
DEBUG: HttpHeader: content-type: application/xml
DEBUG: ErrorXML: Code: 'SignatureDoesNotMatch'
DEBUG: ErrorXML: Message: 'The request signature we calculated does not match the signature you provided. Check your key and signing method.'
DEBUG: ErrorXML: AWSAccessKeyId: 'AKIAJBFO24EIJAUN24JA'
DEBUG: ErrorXML: StringToSign: 'AWS4-HMAC-SHA256\n20160628T172406Z\n20160628/us-east-1/s3/aws4_request\n28c7dfca5f1168f0dcca7ea00e162428bfbedef4fa1134ad78ee62e5a6cc980b'
DEBUG: ErrorXML: SignatureProvided: 'b824c9cac98548727b9f5d37a846f7861d016a67c0808abfa0fa8b5b60ae5256'
DEBUG: ErrorXML: StringToSignBytes: '41 57 53 34 2d 48 4d 41 43 2d 53 48 41 32 35 36 0a 32 30 31 36 30 36 32 38 54 31 37 32 34 30 36 5a 0a 32 30 31 36 30 36 32 38 2f 75 73 2d 65 61 73 74 2d 31 2f 73 33 2f 61 77 73 34 5f 72 65 71 75 65 73 74 0a 32 38 63 37 64 66 63 61 35 66 31 31 36 38 66 30 64 63 63 61 37 65 61 30 30 65 31 36 32 34 32 38 62 66 62 65 64 65 66 34 66 61 31 31 33 34 61 64 37 38 65 65 36 32 65 35 61 36 63 63 39 38 30 62'
DEBUG: ErrorXML: CanonicalRequest: 'PUT\n/demo/\n\nhost:s3.amazonaws.com\nx-amz-content-sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855\nx-amz-date:20160628T172406Z\n\nhost;x-amz-content-sha256;x-amz-date\ne3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855'
DEBUG: ErrorXML: CanonicalRequestBytes: '50 55 54 0a 2f 64 65 6d 6f 2f 0a 0a 68 6f 73 74 3a 73 33 2e 61 6d 61 7a 6f 6e 61 77 73 2e 63 6f 6d 0a 78 2d 61 6d 7a 2d 63 6f 6e 74 65 6e 74 2d 73 68 61 32 35 36 3a 65 33 62 30 63 34 34 32 39 38 66 63 31 63 31 34 39 61 66 62 66 34 63 38 39 39 36 66 62 39 32 34 32 37 61 65 34 31 65 34 36 34 39 62 39 33 34 63 61 34 39 35 39 39 31 62 37 38 35 32 62 38 35 35 0a 78 2d 61 6d 7a 2d 64 61 74 65 3a 32 30 31 36 30 36 32 38 54 31 37 32 34 30 36 5a 0a 0a 68 6f 73 74 3b 78 2d 61 6d 7a 2d 63 6f 6e 74 65 6e 74 2d 73 68 61 32 35 36 3b 78 2d 61 6d 7a 2d 64 61 74 65 0a 65 33 62 30 63 34 34 32 39 38 66 63 31 63 31 34 39 61 66 62 66 34 63 38 39 39 36 66 62 39 32 34 32 37 61 65 34 31 65 34 36 34 39 62 39 33 34 63 61 34 39 35 39 39 31 62 37 38 35 32 62 38 35 35'
DEBUG: ErrorXML: RequestId: '28D82BDDC61CEF61'
DEBUG: ErrorXML: HostId: '70V5Ew7PF14d0QxKT59GhMEc0MOC1TSQ8TN5U6t9ouUoAQWp/l/4odiLtqDuuvRBxQBcH1Cv/aM='
ERROR: S3 error: 403 (SignatureDoesNotMatch): The request signature we calculated does not match the signature you provided. Check your key and signing method.

[LaurenSpiegel]

Closing because this is a s3cmd issue. Cannot specify port 80 with s3cmd or else the signature is wrong.