Problem description
The signature that is calculated by Object Storage Service (OSS) does not match the signature in the request.
Causes
You initiated a request that uses an Amazon S3-compatible and chunked V4 signature, but the signature in the request does not match the signature that is calculated by OSS.
Examples
You initiated a request that uses an Amazon S3-compatible and chunked V4 signature, but the signature in the request does not match the signature that is calculated by OSS.
Solutions
We recommend that you use Alibaba Cloud SDKs to initiate requests. Alibaba Cloud SDKs automatically generate signatures for the requests without the need to manually calculate a signature. For more information, see Overview.
If a signature mismatch is reported after you use Alibaba Cloud SDKs to initiate a request, perform the following steps to troubleshoot the issue:
Check whether the format of the endpoint is valid.
In this example, the endpoint of the China (Hangzhou) region is used. The valid endpoint is in the following format: http://oss-cn-hangzhou.aliyuncs.com. For more information about the endpoints of other regions, see Regions and endpoints.
Check whether the AccessKey ID and AccessKey secret are valid.
The AccessKey ID and AccessKey secret cannot start or end with a space.
Make sure that the buckets and objects meet the following naming conventions:
Naming conventions for buckets:
The name must be unique in OSS.
The name can contain lowercase letters, digits, and hyphens (-).
The name must start and end with a lowercase letter or a digit.
The name must be 3 to 63 characters in length.
Naming conventions for objects:
The name must be encoded in UTF-8.
The name must be 1 to 1,023 bytes in length.
The name cannot start with a forward slash (/) or a backslash (\).
The name is case-sensitive.
Check the signature method.
If you use the self-signed mode and your business environment supports OSS SDKs, use the signature method provided by OSS SDKs. For more information, see Overview.
If you use the self-signed mode and your business environment does not support OSS SDKs, you must write code to calculate signatures and add the signatures to RESTful API requests. For more information, see Overview.
Check whether additional headers are added to the proxy server.
We recommend that you use Amazon S3 SDKs to initiate the request. For more information, see Use Amazon S3 SDKs to access OSS.