请求url地址:https://api.mch.weixin.qq.com/v3/pay/transactions/h5
请求原串:POST\n
/v3/pay/transactions/h5\n
1631091132\n
E093C1FA550C4237897F7CD09DE403B6\n
{"appid":"wx67cd2b4e42344112","mchid":"1486111111","description":"xxoo","out_trade_no":"12300000234000210908165212000001","notify_url":"https:/xxxxx.xx.com/tencent/weixinh5/notify?appId=123000008","amount":{"total":2,"currency":"CNY"},"scene_info":{"payer_client_ip":"127.0.0.1","h5_info":{"type":"Android","package_name":"123000002"}}}\n
返回:
body={"code":"SIGN_ERROR","detail":{"detail":{"issue":"sign not match"},"field":"signature","location":"authorization","sign_information":{"method":"POST","sign_message_length":419,"truncated_sign_message":"POST\n/v3/pay/transactions/h5\n1631091132\nE093C1FA550C4237897F7CD09DE403B6\n{\"appid\"\n","url":"/v3/pay/transactions/h5"}}
为什么返回的truncated_sign_message里面的{\"appid\"\n","url":"/v3/pay/transactions/h5"}和我请求的{"appid":"wx67cd2b4e42344112","mchid":"1486111111","description":"xxoo","out_trade_no":"12300000234000210908165212000001","notify_url":"https:/xxxxx.xx.com/tencent/weixinh5/notify?appId=123000008","amount":{"total":2,"currency":"CNY"},"scene_info":{"payer_client_ip":"127.0.0.1","h5_info":{"type":"Android","package_name":"123000002"}}}不一致呀?
而且程序签名出来的sign和官方给的加密工具的sign是一致的,就是请求url的时候返回验签失败。已经核对过参数名了,与官方的h5下单接口参数大小写一致,必填参数也核对过了,需要必填的都必填了呀!我也用接口文档的示例参数测试过,也是报验签失败!到底哪不对呀
服务端返回的是个json,json内套json就需要转义,\" 这种显示没有问题的;
你主要看"issue":"sign not match",这个提示你签名不匹配,排查下你上送时E093C1FA550C4237897F7CD09DE403B6这张证书配对的Rsa私钥文件对不对吧。