section> Computing
  • Auto Scaling
  • Bare Metal Server
  • Dedicated Host
  • Elastic Cloud Server
  • FunctionGraph
  • Image Management Service
Network
  • Direct Connect
  • Domain Name Service
  • Elastic IP
  • Elastic Load Balancing
  • Enterprise Router
  • NAT Gateway
  • Private Link Access Service
  • Secure Mail Gateway
  • Virtual Private Cloud
  • Virtual Private Network
  • VPC Endpoint
Storage
  • Cloud Backup and Recovery
  • Cloud Server Backup Service
  • Elastic Volume Service
  • Object Storage Service
  • Scalable File Service
  • Storage Disaster Recovery Service
  • Volume Backup Service
Application
  • API Gateway (APIG)
  • Application Operations Management
  • Application Performance Management
  • Distributed Message Service (for Kafka)
  • Simple Message Notification
Data Analysis
  • Cloud Search Service
  • Data Lake Insight
  • Data Warehouse Service
  • DataArts Studio
  • MapReduce Service
  • ModelArts
  • Optical Character Recognition
Container
  • Application Service Mesh
  • Cloud Container Engine
  • Cloud Container Instance
  • Software Repository for Containers
Databases
  • Data Replication Service
  • Distributed Cache Service
  • Distributed Database Middleware
  • Document Database Service
  • GeminiDB
  • Relational Database Service
  • TaurusDB
Management & Deployment
  • Cloud Create
  • Cloud Eye
  • Cloud Trace Service
  • Config
  • Log Tank Service
  • Resource Formation Service
  • Tag Management Service
Security Services
  • Anti-DDoS
  • Cloud Firewall
  • Database Security Service
  • Dedicated Web Application Firewall
  • Host Security Service
  • Identity and Access Management
  • Key Management Service
  • Web Application Firewall
Other
  • Enterprise Dashboard
  • Marketplace
  • Price Calculator
  • Status Dashboard
APIs
  • REST API
  • API Usage Guidelines
  • Endpoints
Development and Automation
  • SDKs
  • Drivers and Tools
  • Terraform
  • Ansible
  • Cloud Create
Architecture Center
  • Best Practices
  • Blueprints
IaaSComputingAuto ScalingBare Metal ServerDedicated HostElastic Cloud ServerFunctionGraphImage Management ServiceNetworkDirect ConnectDomain Name ServiceElastic IPElastic Load BalancingEnterprise RouterNAT GatewayPrivate Link Access ServiceSecure Mail GatewayVirtual Private CloudVirtual Private NetworkVPC EndpointStorageCloud Backup and RecoveryCloud Server Backup ServiceElastic Volume ServiceObject Storage ServiceScalable File ServiceStorage Disaster Recovery ServiceVolume Backup ServicePaaSApplicationAPI Gateway (APIG)Application Operations ManagementApplication Performance ManagementDistributed Message Service (for Kafka)Simple Message NotificationData AnalysisCloud Search ServiceData Lake InsightData Warehouse ServiceDataArts StudioMapReduce ServiceModelArtsOptical Character RecognitionContainerApplication Service MeshCloud Container EngineCloud Container InstanceSoftware Repository for ContainersDatabasesData Replication ServiceDistributed Cache ServiceDistributed Database MiddlewareDocument Database ServiceGeminiDBRelational Database ServiceTaurusDBManagementManagement & DeploymentCloud CreateCloud EyeCloud Trace ServiceConfigLog Tank ServiceResource Formation ServiceTag Management ServiceSecuritySecurity ServicesAnti-DDoSCloud FirewallDatabase Security ServiceDedicated Web Application FirewallHost Security ServiceIdentity and Access ManagementKey Management ServiceWeb Application FirewallOtherOtherEnterprise DashboardMarketplacePrice CalculatorStatus Dashboard

Object Storage Service

  • Introduction
  • OBS REST APIs
    • Locating a Resource
    • Sending a Request
    • Naming a Bucket and Object
    • Authenticating a Request
    • Federal Authentication
    • Request Responses
    • Server-Side Encryption
      • SSE-KMS
      • SSE-C
      • Interfaces Related to Server-Side Encryption
  • Common Headers
  • Error Responses
  • Access Control
  • Operations on Buckets
  • Operations on Objects
  • Glossary
  • Acronyms and Abbreviations
  • Change History
  • S3 API Reference
  • OBS REST APIs
  • Server-Side Encryption
  • Interfaces Related to Server-Side Encryption

Interfaces Related to Server-Side Encryption¶

This section lists the interfaces related to server-side encryption and describes transfer protocols and authentication applicable to the interfaces.

The following tables describe transfer protocols and authentication applicable to the interfaces related to server-side encryption.

Table 1 Transfer protocols and authentication applicable to SSE-C-related interfaces¶

Interface

Transfer Protocol

Authentication

PUT Object

HTTPS

V2 or V4

POST Object

HTTPS

V2 or V4

Initiate Multipart Upload

HTTPS

V2 or V4

HEAD Object

HTTPS

V2 or V4

GET Object

HTTPS

V2 or V4

Upload Part

HTTPS

V2 or V4

Complete Multipart Upload

HTTP or HTTPS

V2 or V4

Table 2 Transfer protocols and authentication applicable to SSE-KMS-related interfaces¶

Interface

Transfer Protocol

Authentication

PUT Object

HTTPS

V4

POST Object

HTTPS

V4

Initiate Multipart Upload

HTTPS

V4

HEAD Object

HTTP or HTTPS

V2 or V4

GET Object

HTTPS

V4

Upload Part

HTTPS

V4

Complete Multipart Upload

HTTP or HTTPS

V2 or V4

Table 3 Transfer protocols and authentication applicable to PUT Object - Copy interfaces¶

Source Object

Target Object

Transfer Protocol

Authentication

Non-encrypted object

Object encrypted using SSE-KMS

HTTPS

V4

Object encrypted using SSE-KMS

Object encrypted using SSE-KMS

HTTPS

V4

Object encrypted using SSE-C

Object encrypted using SSE-KMS

HTTPS

V4

Non-encrypted object

Object encrypted using SSE-C

HTTPS

V2 or V4

Object encrypted using SSE-KMS

Object encrypted using SSE-C

HTTPS

V2 or V4

Object encrypted using SSE-C

Object encrypted using SSE-C

HTTPS

V2 or V4

Non-encrypted object

Non-encrypted object

HTTP or HTTPS

V2 or V4

Object encrypted using SSE-KMS

Non-encrypted object

HTTP or HTTPS

V2 or V4

Object encrypted using SSE-C

Non-encrypted object

HTTP or HTTPS

V2 or V4

Table 4 Transfer protocols and authentication applicable to Upload Part - Copy interfaces¶

Source Object

Target Part

Transfer Protocol

Authentication

Non-encrypted object

Part encrypted using SSE-KMS

HTTP or HTTPS

V2 or V4

Object encrypted using SSE-KMS

Part encrypted using SSE-KMS

HTTP or HTTPS

V2 or V4

Object encrypted using SSE-C

Part encrypted using SSE-KMS

HTTP or HTTPS

V2 or V4

Non-encrypted object

Part encrypted using SSE-C

HTTPS

V2 or V4

Object encrypted using SSE-KMS

Part encrypted using SSE-C

HTTPS

V2 or V4

Object encrypted using SSE-C

Part encrypted using SSE-C

HTTPS

V2 or V4

Non-encrypted object

Non-encrypted part

HTTP or HTTPS

V2 or V4

Object encrypted using SSE-KMS

Non-encrypted part

HTTP or HTTPS

V2 or V4

Object encrypted using SSE-C

Non-encrypted part

HTTP or HTTPS

V2 or V4

  • Prev
  • Next
last updated: 2025-07-15 16:04 UTC - commit: 243086a2187d61c3df262954d9fb399716a3e2f8
Edit pageReport Documentation Bug
Page Contents
  • Interfaces Related to Server-Side Encryption
© T-Systems International GmbH
  • Contact
  • Data privacy
  • Disclaimer of Liabilities
  • Imprint