diff --git a/plugins/wasm-cpp/extensions/hmac_auth/plugin.cc b/plugins/wasm-cpp/extensions/hmac_auth/plugin.cc
index b72290114..1c2fb1fb9 100644
--- a/plugins/wasm-cpp/extensions/hmac_auth/plugin.cc
+++ b/plugins/wasm-cpp/extensions/hmac_auth/plugin.cc
@@ -116,6 +116,9 @@ std::string getStringToSign() {
       getRequestHeader(CA_SIGNATURE_HEADERS)->toString();
   std::vector<std::string> header_arr;
   for (const auto& header : absl::StrSplit(dynamic_check_headers, ",")) {
+    if (header.empty()) {
+      continue;
+    }
     auto lower_header = absl::AsciiStrToLower(header);
     if (lower_header == CA_SIGNATURE || lower_header == CA_SIGNATURE_HEADERS) {
       continue;
diff --git a/plugins/wasm-cpp/extensions/hmac_auth/plugin_test.cc b/plugins/wasm-cpp/extensions/hmac_auth/plugin_test.cc
index a3e1831bb..399a4d1e3 100644
--- a/plugins/wasm-cpp/extensions/hmac_auth/plugin_test.cc
+++ b/plugins/wasm-cpp/extensions/hmac_auth/plugin_test.cc
@@ -197,6 +197,36 @@ TEST_F(HmacAuthTest, Sign) {
             FilterHeadersStatus::Continue);
 }
 
+TEST_F(HmacAuthTest, SignWithoutDynamicHeader) {
+  headers_ = {
+      {":path", "/Third/Tools/checkSign"},
+      {":method", "GET"},
+      {"accept", "application/json"},
+      {"x-ca-key", "appKey"},
+      {"x-ca-signature", "ZpJhkHdtjLTJiR6CJWHL8ikLtPB2z6CoztG21wG3PT4="},
+  };
+  HmacAuthConfigRule rule;
+  rule.credentials = {{"appKey", "appSecret"}};
+  //  EXPECT_EQ(root_context_->checkPlugin(rule, std::nullopt), true);
+
+  std::string configuration = R"(
+{
+  "_rules_": [
+    {
+      "_match_route_":["test"],
+      "credentials":[
+        {"key": "appKey", "secret": "appSecret"}
+      ]
+    }
+  ]
+})";
+  route_name_ = "test";
+  config_.set(configuration);
+  EXPECT_TRUE(root_context_->configure(configuration.size()));
+  EXPECT_EQ(context_->onRequestHeaders(0, false),
+            FilterHeadersStatus::Continue);
+}
+
 TEST_F(HmacAuthTest, SignWithConsumer) {
   headers_ = {
       {":path", "/Third/Tools/checkSign"},