public static function WeixinRequest($path, $body = '', $method = 'GET', $is_json = true)
{
// 平台证书序列号
if($path != '/v3/certificates')
{
$certificate = self::WeixinPlatformCertificate();
if($certificate['code'] != 0)
{
return $certificate;
}
}
// 请求签名+token
$timestamp = strval(time());
$nonce = strtoupper(RandomString(32));
$body_json = empty($body) ? '' : json_encode($body, JSON_UNESCAPED_UNICODE);
$message = $method."\n".$path."\n".$timestamp."\n".$nonce."\n".$body_json."\n";
openssl_sign($message, $raw_sign, self::PrivateKey(), OPENSSL_ALGO_SHA256);
$sign = base64_encode($raw_sign);
$schema = 'WECHATPAY2-SHA256-RSA2048';
$token = sprintf('mchid="%s",nonce_str="%s",timestamp="%d",serial_no="%s",signature="%s"', self::$config['weixin_merchant_id'], $nonce, $timestamp, self::$config['weixin_serial_no'], $sign);
// 头信息
$header = [
'Content-Type: application/json',
'Accept: application/json',
'User-Agent: */*',
'Authorization: '.$schema.' '.$token,
];
// 非证书获取增加平台证书序列号
if($path != '/v3/certificates')
{
$header[] = 'Wechatpay-Serial: '.$certificate['data']['serial_no'];
}
// 请求接口
$url = 'https://api.mch.weixin.qq.com';
$ret = CurlPost($url.$path, $body, 1, 30, $method, $header);
if(!empty($ret['data']) && $is_json)
{
$ret['data'] = json_decode($ret['data'], true);
}
return $ret;
}
提示:"{"code":"SIGN_ERROR","detail":{"detail":{"issue":"sign not match"},"field":"signature","location":"authorization","sign_information":{"method":"POST","sign_message_length":740,"truncated_sign_message":"POST\n/v3/fund-app/mch-transfer/transfer-bills\n1742393857\nRPSGCWSYNUFH7KMKCT9QXCNEXMXJUT4F\n{\"appid\"\n","url":"/v3/fund-app/mch-transfer/transfer-bills"}},"message":"错误的签名,验签失败"}"
怎么解决呢,求各位大咖指点下
https://pay.weixin.qq.com/doc/v3/merchant/4012365352签名错误的话, 辛苦用验签工具验下签名。注意商户号mchid、apiclient_key.pem和商户序列号要对应。然后计算签名的签名串要和实际请求时Authorization中的时间戳和随机串一致。注意body格式和内容签名和请求接口的也要一致,避免参数转移导致签名错误。