This error indicates that the link for downloading the API Co-Signer script expired. To confirm this, run the following command:
root@staging-fire:~ # head cosignerIf the link has expired, you should get the following response:
<?xml version="1.0" encoding="UTF-8"?>
<Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message><AWSAccessKeyId>AKIA5QO5IU7PYPUJ7AU6</AWSAccessKeyId><StringToSign>AWS4-HMAC-SHA256Resolution
To resolve this issue:
- Download a new API Co-Signer script from the Fireblocks Console.
- Run the following script to update the API Co-Signer:
# sudo -i
# curl -o cosigner "script_to_download_cosigner_from_above_step"
# chmod +x cosigner
# ./cosigner setup - Complete the steps to install the API Co-Signer software without a Callback Handler.
Important
If you have a new installation, make sure to create an API user and select the First user on this machine checkbox.
Need additional help?
If you have a question or need assistance, contact Fireblocks Support and include the following information in your request:
- Workspace name
- The first four characters of the corresponding API key
- User information (indicate whether the user is an active Co-Signer or is going through initial setup)
Additionally, copy the following logs from the API Co-Signer:
- Transaction handling (/databases/cosigner/log/customer_cosigner.log)
- Transaction signing flow
- Logging the Callback Handler request and response
- Configuration changes to the API Co-Signer (date_time.run.log)
- Setup
- Pairing a new API user
- Changing the Callback Handler URL