This is the solution: fix it by converting the MD5 hex to base64 instead of the string.
Example for JS (Node.js or similar, browserify, etc.
new Buffer(md5, 'hex').toString('base64')
I just spent few minutes to figure this out so I thought I could share it. :)
Content-MD5 is always a base64 header.
The base64-encoded 128-bit MD5 digest of the message (without the headers) according to RFC 1864. This header can be used as a message integrity check to verify that the data is the same data that was originally sent. Although it is optional, we recommend using the Content-MD5 mechanism as an end-to-end integrity check. For more information about REST request authentication, go to REST Authentication in the Amazon Simple Storage Service Developer Guide
Type: String
Default: None
Constraints: None
