Menu
Amazon CloudFront
Developer Guide (API Version 2016-09-29)

Using a Linux Command and OpenSSL for Base64-Encoding and Encryption

You can use the following Linux command-line command and OpenSSL to hash and sign the policy statement, base64-encode the signature, and replace characters that are not valid in URL query string parameters with characters that are valid.

For information about OpenSSL, go to http://www.openssl.org.


            1
          cat policy | 
            3
          tr -d "\n" | 
            3
          openssl sha1 -sign private-key.pem | 
            4
          openssl base64 | 
            5
          tr -- '+=/' '-_~'

where:


          1
        cat reads the policy file.


          2
        tr -d "\n" removes a newline character that was added by cat.


          3
        OpenSSL hashes the file using SHA-1 and signs it using RSA and the private key file private-key.pem.


          4
        OpenSSL base64-encodes the hashed and signed policy statement.


          5
        tr replaces characters that are not valid in URL query string parameters with characters that are valid.

For code examples that demonstrate creating a signature in several programming languages see Code Examples for Creating a Signature for a Signed URL.