This drove me nuts for a while, until I figured it out.
Amazon S3 credentials allows the / character in the secret access key. Therefore a key such as “LtibKJ44xWFkXR81jYr1XYgGbABp1/7NUAhJ3tQP” can be assigned by AWS.
It would appear that the / character is not escaped appropriately and therefore keys containing the / throw the very cryptic:
SignatureDoesNotMatchThe request signature we calculated does not match the signature you provided. Check your key and signing method.AKIAJ5TI7AJUE2G35ZZQAWS4-HMAC-SHA256