There are a couple of reasons as listed below due to which you may run into this problem.

1. The profile is incorrectly configured with accessKey

2. The user missed binding the accessKey used in the tibtunnel with application in TCI UI.

Let's discuss each reason and solution in detail:

1. In this case, the user incorrectly configures the tibtunnel profile. It is quite a simple mistake that one can do while generating the profile with accessKey. When you configure the profile to use with tibtunnel, you need to specify the accessKeySecret value. 

In case, you mistakenly use the 'accessKey name' itself instead of 'accessKeySecret', then while executing the tibtunnel you'll run into an above-mentioned error.

Ex.

Correct Usage:

mpandav@mpandav-U52:~$ ./tibtunnel configure --profile tciSupport --accessKey Hc4a7Lud2qx+TTxYNHTTqaITysbUaqph5MSN3b+xxxqwcvd

Incorrect Usage:

mpandav@mpandav-U52:~$ ./tibtunnel configure --profile tciSupport --accessKey tciSupport
 

[NOTE: tciSupport is 'AccessKeyName' and given accessKeySecret has dummy values,  just for explanation purpose]

2. This simple mistake occurs when the user configures the tibtunnel with correct credentials and provided the required specs to connect with onPrem servers, they think that it is only required steps and misses the configuration at the application level.

Sometimes, it is quite obvious to miss to bind the application with configured tibtunnel AccessKey from the dropdown in the TCI UI under the 'Environment Variable' -> 'Hybrid Connectivity' section.

If the user misses configuring the app with tibtunnel accessKey, then you'll run into the above-mentioned error.

The solution, select the 'configured AccessKey' in TCI UI for the application present under 'Environment Variable' -> 'Hybrid Connectivity' -> 'AccessKey'.

Please refer to the attached snapshot for exact details [bindApp-with-AccessKey.png].