Problem description
After you specified the x-oss-server-side-encryption-context request header in a non-Bring Your Own Key (BYOK) scenario, an error is returned.
Causes
You specified the x-oss-server-side-encryption-context request header in a non-BYOK scenario. This request header is only applicable to BYOK scenarios. If you specified this request header in a non-BYOK scenario, OSS denies the request and returns an error.
Examples
You uploaded an object to a bucket for which server-side encryption by using Key Management Service managed keys (SSE-KMS) is configured.
You did not specify the x-oss-server-side-encryption-key-id request header because it was a non-BYOK scenario.
You specified the x-oss-server-side-encryption-context request header.
The x-oss-server-side-encryption-context request header is not applicable to non-BYOK scenarios. Therefore, an error is returned.
Solutions
You can specify the x-oss-server-side-encryption-context request header only in BYOK scenarios.