diff --git a/weed/s3api/chunked_reader_v4.go b/weed/s3api/chunked_reader_v4.go
index d8fdc7525..6ee46c82b 100644
--- a/weed/s3api/chunked_reader_v4.go
+++ b/weed/s3api/chunked_reader_v4.go
@@ -379,16 +379,15 @@ func (cr *s3ChunkedReader) Read(buf []byte) (n int, err error) {
 			if extractedCheckSumAlgorithm.String() != cr.checkSumAlgorithm {
 				errorMessage := fmt.Sprintf("checksum algorithm in trailer '%s' does not match the one advertised in the header '%s'", extractedCheckSumAlgorithm.String(), cr.checkSumAlgorithm)
 				glog.V(3).Info(errorMessage)
-				cr.err = errors.New(errorMessage)
+				cr.err = errors.New(s3err.ErrMsgChecksumAlgorithmMismatch)
 				return 0, cr.err
 			}
 
 			computedChecksum := cr.checkSumWriter.Sum(nil)
 			base64Checksum := base64.StdEncoding.EncodeToString(computedChecksum)
 			if string(extractedChecksum) != base64Checksum {
-				// TODO: Return BadDigest
 				glog.V(3).Infof("payload checksum '%s' does not match provided checksum '%s'", base64Checksum, string(extractedChecksum))
-				cr.err = errors.New("payload checksum does not match")
+				cr.err = errors.New(s3err.ErrMsgPayloadChecksumMismatch)
 				return 0, cr.err
 			}
 
@@ -449,7 +448,7 @@ func (cr *s3ChunkedReader) Read(buf []byte) (n int, err error) {
 			newSignature := cr.getChunkSignature(hashedChunk)
 			if !compareSignatureV4(cr.chunkSignature, newSignature) {
 				// Chunk signature doesn't match we return signature does not match.
-				cr.err = errors.New("chunk signature does not match")
+				cr.err = errors.New(s3err.ErrMsgChunkSignatureMismatch)
 				return 0, cr.err
 			}
 			// Newly calculated signature becomes the seed for the next chunk
diff --git a/weed/s3api/s3api_object_handlers_put.go b/weed/s3api/s3api_object_handlers_put.go
index 716fec0aa..0b0be5fe5 100644
--- a/weed/s3api/s3api_object_handlers_put.go
+++ b/weed/s3api/s3api_object_handlers_put.go
@@ -126,6 +126,9 @@ func (s3a *S3ApiServer) putToFiler(r *http.Request, uploadUrl string, dataReader
 
 	if postErr != nil {
 		glog.Errorf("post to filer: %v", postErr)
+		if strings.Contains(postErr.Error(), s3err.ErrMsgPayloadChecksumMismatch) {
+			return "", s3err.ErrInvalidDigest
+		}
 		return "", s3err.ErrInternalError
 	}
 	defer resp.Body.Close()
diff --git a/weed/s3api/s3err/s3api_errors.go b/weed/s3api/s3err/s3api_errors.go
index f41c3620c..bcb0a26a8 100644
--- a/weed/s3api/s3err/s3api_errors.go
+++ b/weed/s3api/s3err/s3api_errors.go
@@ -112,6 +112,13 @@ const (
 	ErrNoSuchTagSet
 )
 
+// Error message constants for checksum validation
+const (
+	ErrMsgPayloadChecksumMismatch   = "payload checksum does not match"
+	ErrMsgChunkSignatureMismatch    = "chunk signature does not match"
+	ErrMsgChecksumAlgorithmMismatch = "checksum algorithm mismatch"
+)
+
 // error code to APIError structure, these fields carry respective
 // descriptions for all the error responses.
 var errorCodeResponse = map[ErrorCode]APIError{