WECHATPAY2-SHA256-RSA2048 mchid="1531113361",nonce_str="togiz2ig.ccl",timestamp="1623918286",serial_no="32F904B369C2CEA9D44BEFBF4D6A8CA178CEC921",signature="DUPuhcJ5ssmnsPwY09Dl9gDXeJ2jhQ1h5JJpVixTlrL/yFWp1lrDAsmcGjL+CyxhhT7TFWdVKcLNVuLJAJv8Cs2jzKOrjVdPlUUQbBbz8xef0btnV78bao5Xx1OwaA0/2iaPpBgEut1oPQT1hkQNibM76HKLVSpu01jrg9VhYR5UTQmd14rRjDfs4W8sRWx9tSw2cKSC+BeK/SvzHEfeAeRmV2QTQkId8YXe4aO5BQbvKH6AcBxsT3uMw/012LmJjohyFuh2TumCRd9hic7G2rjcTdGiJT2cMFb8VINIdYavWnEINzG3jvjCkMkKi/eQiBGsXuSrRBw3zix9YZgzeA=="
{"code":"SIGN_ERROR","detail":{"detail":{"issue":"sign not match"},"field":"signature","location":"authorization","sign_information":{"method":"POST","sign_message_length":304,"truncated_sign_message":"POST\n/v3/pay/transactions/h5\n1623918286\ntogiz2ig.ccl\n{\"mchid\"\n","url":"/v3/pay/transactions/h5"}},"message":"错误的签名,验签失败"}
请注意以下几点:
1) 签名与生成Authorization用的同一个时间戳跟随机串。
2) 构造签名串时,里面的url不需要ToLowCase(),不用UrlEncode(),商户请求的url后缀是什么,签名用的url后缀就是什么。
3) 查询订单使用的是GET,构建签名串时,里面用的请求报文为空(但是那个换行符还是要有哈)。
4)检查证书和商户号是否正确,如是服务商模式,需使用服务商的相关证书。
更多签名相关内容可以查看这里:
https://wechatpay-api.gitbook.io/wechatpay-api-v3/chang-jian-wen-ti/qian-ming-xiang-guan#ru-he-ding-wei-cuo-wu-de-qian-ming-dao-zhi-yan-qian-shi-bai-de-cuo-wu