Menu
Amazon CloudFront
Developer Guide (API Version 2016-08-01)

Using a Linux Command and OpenSSL for Base64-Encoding and Encryption

You can use the following Linux command-line command and OpenSSL to hash and sign the policy statement, base64-encode the signature, and replace characters that are not valid in URL query string parameters with characters that are valid.

For information about OpenSSL, go to http://www.openssl.org.

1 cat policy | 3 tr -d "\n" | 3 openssl sha1 -sign private-key.pem | 4 openssl base64 | 5 tr -- '+=/' '-_~'

where:

1 cat reads the policy file.

2 tr -d "\n" removes a newline character that was added by cat.

3 OpenSSL hashes the file using SHA-1 and signs it using RSA and the private key file private-key.pem.

4 OpenSSL base64-encodes the hashed and signed policy statement.

5 tr replaces characters that are not valid in URL query string parameters with characters that are valid.

For code examples that demonstrate creating a signature in several programming languages see Code Examples for Creating a Signature for a Signed URL.