diff --git a/weed/s3api/auth_signature_v4.go b/weed/s3api/auth_signature_v4.go
index 6eedfc8f3..783fbb4e9 100644
--- a/weed/s3api/auth_signature_v4.go
+++ b/weed/s3api/auth_signature_v4.go
@@ -53,11 +53,11 @@ func (iam *IdentityAccessManagement) reqSignatureV4Verify(r *http.Request) (*Ide
 
 // Constants specific to this file
 const (
- emptySHA256 = "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
- streamingContentSHA256 = "STREAMING-AWS4-HMAC-SHA256-PAYLOAD"
- streamingContentSHA256Trailer = "STREAMING-AWS4-HMAC-SHA256-PAYLOAD-TRAILER"
- streamingUnsignedPayload = "STREAMING-UNSIGNED-PAYLOAD-TRAILER"
- unsignedPayload = "UNSIGNED-PAYLOAD"
+ emptySHA256 = "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
+ streamingContentSHA256 = "STREAMING-AWS4-HMAC-SHA256-PAYLOAD"
+ streamingContentSHA256Trailer = "STREAMING-AWS4-HMAC-SHA256-PAYLOAD-TRAILER"
+ streamingUnsignedPayload = "STREAMING-UNSIGNED-PAYLOAD-TRAILER"
+ unsignedPayload = "UNSIGNED-PAYLOAD"
 // Limit for IAM/STS request body size to prevent DoS attacks
 iamRequestBodyLimit = 10 * (1 << 20) // 10 MiB
 )
diff --git a/weed/s3api/chunked_reader_v4_test.go b/weed/s3api/chunked_reader_v4_test.go
index 7a5fcf551..c45a11274 100644
--- a/weed/s3api/chunked_reader_v4_test.go
+++ b/weed/s3api/chunked_reader_v4_test.go
@@ -291,10 +291,19 @@ func TestSignedStreamingUploadWithTrailer(t *testing.T) {
 checksum := writer.Sum(nil)
 base64EncodedChecksum := base64.StdEncoding.EncodeToString(checksum)
 
- // Build the chunked payload with trailer
+ // Calculate trailer signature
+ // The trailer content is: "x-amz-checksum-crc32:{checksum}\n"
+ trailerContent := "x-amz-checksum-crc32:" + base64EncodedChecksum + "\n"
+ trailerHash := getSHA256Hash([]byte(trailerContent))
+ trailerStringToSign := "AWS4-HMAC-SHA256-TRAILER\n" + amzDate + "\n" + scope + "\n" +
+ finalSignature + "\n" + trailerHash
+ trailerSignature := getSignature(signingKey, trailerStringToSign)
+
+ // Build the chunked payload with trailer and trailer signature
 payload := fmt.Sprintf("c;chunk-signature=%s\r\n%s\r\n", chunk1Signature, chunk1Data) +
 fmt.Sprintf("0;chunk-signature=%s\r\n", finalSignature) +
- "x-amz-checksum-crc32:" + base64EncodedChecksum + "\n\r\n" +
+ trailerContent +
+ "x-amz-trailer-signature:" + trailerSignature + "\r\n" +
 "\r\n"
 
 // Create the request
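Review bot: The payload built here only exercises the accept path: `trailerSignature` is computed correctly and appended, but nothing visible in this hunk shows that a wrong or missing `x-amz-trailer-signature` is rejected. That signature is what binds the `x-amz-checksum-crc32` trailer to the signed chunk chain, so a companion case is worth adding that reuses this setup but changes the trailer after signing, e.g. `tamperedTrailer := "x-amz-checksum-crc32:" + base64.StdEncoding.EncodeToString([]byte{0, 0, 0, 0}) + "\n"` in place of `trailerContent` in `payload`, and asserts that reading the body returns an error. The expected value is also derived with `getSignature` and `getSHA256Hash`, which look like the helpers the verifier itself uses, so a fixed known-good signature vector would catch a mistake shared by both sides. TestSignedStreamingUploadWithTrailer starts before and continues past this hunk, so existing assertions may already cover part of this.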