0002-00000065

更新时间:
复制 MD 格式

Problem description

The signature format is invalid. OSS rejects the request because the Signature field in the Authorization header is missing.

Causes

The Authorization header ends with a colon but has no signature value after it. OSS requires a non-empty Signature to authenticate the request.

Examples

The following request triggers this error. The Authorization header ends with a colon and has no signature:

GET /test.txt HTTP/1.0
Date: Tue, 20 Dec 2022 08:48:18 GMT
Host: oss-example.oss-cn-hangzhou.aliyuncs.com
Authorization: OSS qn6qrrqxo2oawuk53otfjbyc:

Solutions

Compute the Signature value and include it in the Authorization header.

The Authorization header must follow this format:

Authorization = "OSS " + AccessKeyId + ":" + Signature

To compute Signature, use the following formula:

Signature = base64(hmac-sha1(AccessKeySecret,
            VERB + "\n"
            + Content-MD5 + "\n"
            + Content-Type + "\n"
            + Date + "\n"
            + CanonicalizedOSSHeaders
            + CanonicalizedResource))
VariableDescription
AccessKeySecretYour AccessKey secret, used as the HMAC-SHA1 signing key
VERBThe HTTP method of the request (for example, GET, PUT)
Content-MD5The MD5 hash of the request body; leave blank if there is no body
Content-TypeThe MIME type of the request body; leave blank if there is no body
DateThe request date in RFC 1123 format (for example, Tue, 20 Dec 2022 08:48:18 GMT)
CanonicalizedOSSHeadersCanonical form of OSS-specific x-oss-* headers
CanonicalizedResourceThe canonicalized path to the OSS resource

For the full signing specification, see Include signatures in the Authorization header.

Note

To avoid computing signatures manually, use an Alibaba Cloud SDK. SDKs generate and attach the Authorization header automatically. See Overview.