diff --git a/sop-gateway-common/src/main/java/com/gitee/sop/gatewaycommon/filter/PreValidateFilter.java b/sop-gateway-common/src/main/java/com/gitee/sop/gatewaycommon/filter/PreValidateFilter.java
index 6f28cb11..d5680521 100644
--- a/sop-gateway-common/src/main/java/com/gitee/sop/gatewaycommon/filter/PreValidateFilter.java
+++ b/sop-gateway-common/src/main/java/com/gitee/sop/gatewaycommon/filter/PreValidateFilter.java
@@ -39,7 +39,7 @@ public class PreValidateFilter extends BaseZuulFilter {
         try {
             validator.validate(param);
         } catch (ApiException e) {
-            log.error("签名验证失败，params:{}", param.toJSONString(), e);
+            log.error("验证失败，params:{}", param.toJSONString(), e);
             throw e;
         }
         return null;
diff --git a/sop-gateway-common/src/main/java/com/gitee/sop/gatewaycommon/validate/ApiValidator.java b/sop-gateway-common/src/main/java/com/gitee/sop/gatewaycommon/validate/ApiValidator.java
index 38e937ca..eae626d7 100644
--- a/sop-gateway-common/src/main/java/com/gitee/sop/gatewaycommon/validate/ApiValidator.java
+++ b/sop-gateway-common/src/main/java/com/gitee/sop/gatewaycommon/validate/ApiValidator.java
@@ -118,14 +118,17 @@ public class ApiValidator implements Validator {
     protected void checkSign(ApiParam param) {
         String clientSign = param.fetchSign();
         try {
-            if (StringUtils.isEmpty(param.fetchSign())) {
+            if (StringUtils.isEmpty(clientSign)) {
                 throw ErrorEnum.ISV_MISSING_SIGNATURE.getErrorMeta().getException(param.fetchNameVersion(), ParamNames.SIGN_NAME);
             }
-            String secret = ApiContext.getApiConfig().getAppSecretManager().getSecret(param.fetchAppKey());
+            ApiConfig apiConfig = ApiContext.getApiConfig();
+            AppSecretManager appSecretManager = apiConfig.getAppSecretManager();
+            // 根据appId获取秘钥
+            String secret = appSecretManager.getSecret(param.fetchAppKey());
             if (StringUtils.isEmpty(secret)) {
                 throw ErrorEnum.ISV_MISSING_SIGNATURE_CONFIG.getErrorMeta().getException();
             }
-            Signer signer = ApiContext.getApiConfig().getSigner();
+            Signer signer = apiConfig.getSigner();
             boolean isRightSign = signer.checkSign(ApiContext.getRequest(), secret);
             // 错误的sign
             if (!isRightSign) {