Amazon CloudFront
Developer Guide (API Version 2014-11-06)
Did this page help you?  Yes | No |  Tell us about it...
« PreviousNext »
View the PDF for this guide.Go to the AWS Discussion Forum for this product.Go to the Kindle Store to download this guide in Kindle format.

Using Linux Commands and OpenSSL for Base64-Encoding and Encryption

You can use the following Linux command-line command and OpenSSL to hash and sign the policy statement, base64-encode the signature, and replace characters that are not valid in URL query string parameters with characters that are valid.

For information about OpenSSL, go to http://www.openssl.org.

1 cat policy | 2 openssl sha1 -sign private-key.pem | 3 openssl base64 | 4 tr '+=/' '-_~'

where:

cat sends the base64-encoded policy file to OpenSSL.

OpenSSL hashes the file using SHA-1 and signs it using the private key file private-key.pem.

OpenSSL base64-encodes the hashed and signed policy statement.

tr replaces characters that are not valid in URL query string parameters with characters that are valid.

For code examples that demonstrate creating a signature in several programming languages see Code and Examples for Creating a Signature for a Signed URL.