diff --git a/cmd/signature-v2.go b/cmd/signature-v2.go
index 3eae6e0d0..a936a55e8 100644
--- a/cmd/signature-v2.go
+++ b/cmd/signature-v2.go
@@ -69,6 +69,22 @@ func doesPresignV2SignatureMatch(r *http.Request) APIErrorCode {
 return ErrExpiredPresignRequest
 }

+ // Save incoming siganture to be validated later.
+ incomingSignature := req.URL.Query().Get("Signature")
+
+ // Set the expires header for string to sign.
+ req.Header.Set("Expires", strconv.FormatInt(expired, 10))
+
+ /// Empty out the query params, we only need to validate signature.
+ query := req.URL.Query()
+ // Remove all the query params added for signature alone, we need
+ // a proper URL for string to sign.
+ query.Del("Expires")
+ query.Del("AWSAccessKeyId")
+ query.Del("Signature")
+ // Query encode whatever is left back to RawQuery.
+ req.URL.RawQuery = queryEncode(query)
+
 // Get presigned string to sign.
 stringToSign := preStringifyHTTPReq(req)
 hm := hmac.New(sha1.New, []byte(cred.SecretAccessKey))
@@ -76,7 +92,7 @@ func doesPresignV2SignatureMatch(r *http.Request) APIErrorCode {

 // Calculate signature and validate.
 signature := base64.StdEncoding.EncodeToString(hm.Sum(nil))
- if req.URL.Query().Get("Signature") != signature {
+ if incomingSignature != signature {
 return ErrSignatureDoesNotMatch
 }
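Review bot: The added block rewrites the request in place through `req.Header.Set("Expires", ...)` and `req.URL.RawQuery = queryEncode(query)`, and nothing in the hunk restores either value once the signature has been checked. How `req` is derived from `r` lies outside the hunk; if it is `r` itself or a shallow copy, the header map and URL are shared, so later handlers would see an injected `Expires` header and a query string without `Expires`, `AWSAccessKeyId` and `Signature`. Computing the string to sign from a copy of the URL and header would keep verification free of side effects; at minimum the block should carry a comment such as `// NOTE: mutates req's header and query; req must not alias the caller's request.` Minor: the first added comment misspells "signature" as "siganture", and one comment opens with `///` instead of `//`.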
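Review bot: The new comparison `if incomingSignature != signature {` is an ordinary string comparison that is not guaranteed to run in constant time, so response timing can reveal how much of a guessed signature matches the expected HMAC. The `hmac` package is already used a few lines above, so `if !hmac.Equal([]byte(incomingSignature), []byte(signature)) {` gives a constant-time check without a new import. The function body starts and ends outside the hunk, so any other signature comparison in it should be checked for the same pattern.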