Amazon CloudFront
Developer Guide (API Version 2014-11-06)
Did this page help you?  Yes | No |  Tell us about it...
« PreviousNext »
View the PDF for this guide.Go to the AWS Discussion Forum for this product.Go to the Kindle Store to download this guide in Kindle format.

Using a Linux Command and OpenSSL for Base64-Encoding and Encryption

You can use the following Linux command-line command and OpenSSL to hash and sign the policy statement, base64-encode the signature, and replace characters that are not valid in URL query string parameters with characters that are valid.

For information about OpenSSL, go to http://www.openssl.org.

1 cat policy | 2 openssl sha1 -sign private-key.pem | 3 openssl base64 | 4 tr '+=/' '-_~'

where:

cat sends the policy file to OpenSSL.

OpenSSL hashes the file using SHA-1 and signs it using the private key file private-key.pem.

OpenSSL base64-encodes the hashed and signed policy statement.

tr replaces characters that are not valid in URL query string parameters with characters that are valid.

For code examples that demonstrate creating a signature in several programming languages see Code Examples for Creating a Signature for a Signed URL.