0002-00000408

Issue description

The value of the Signature field in the Authorization request header is invalid.

Causes

You initiated a request that used Amazon S3-compatible V4 signature. The value of the Signature field in the Authorization request header is invalid.

Examples

The request you initiated included the signature in the request header, but the value of the Signature field in the Authorization request header is invalid.

GET /test.txt HTTP/1.0
Date: Tue, 20 Dec 2022 08:48:18 GMT
Host: oss-example.oss-cn-hangzhou.aliyuncs.com
Authorization:AWS4-HMAC-SHA256 Credential=LTAI****************/20221220/us-east-1/s3/aws4_request,SignedHeaders=host;x-amz-content-sha256;x-amz-date,Signature=1
x-amz-content-sha256: abc***
x-amz-date: 20221220T084818Z
x-oss-s3-compat: true

The value of the Signature field in the Authorization request header is 64 characters in length. In the preceding example, the value of the Signature field is 1. The value does not meet the length requirements.

Solutions

Make sure that the Authorization request header is complete and correctly calculated.

GET /test.txt HTTP/1.0
Date: Tue, 20 Dec 2022 08:48:18 GMT
Host: oss-example.oss-cn-hangzhou.aliyuncs.com
Authorization:AWS4-HMAC-SHA256 Credential=LTAI****************/20221220/us-east-1/s3/aws4_request,SignedHeaders=host;x-amz-content-sha256;x-amz-date,Signature=34****
x-amz-content-sha256: abc****
x-amz-date: 20221220T084818Z
x-oss-s3-compat: true

We recommend that you use Amazon S3 SDKs to initiate the request. For more information, see Use Amazon S3 SDKs to access OSS.