Using Linux commands and OpenSSL for base64 encoding and encryption - Amazon CloudFront

Using Linux commands and OpenSSL for base64 encoding and encryption

You can use the following Linux command-line command and OpenSSL to hash and sign the policy statement, base64-encode the signature, and replace characters that are not valid in URL query string parameters with characters that are valid.

For information about OpenSSL, go to https://www.openssl.org.


				1
			cat policy | 
				3
			tr -d "\n" | tr -d " \t\n\r" | 
				3
			openssl sha1 -sign private_key.pem | 
				4
			openssl base64 | 
				5
			tr -- '+=/' '-_~'

where:


					1
				cat reads the policy file.


					2
				tr -d "\n" | tr -d " \t\n\r" removes the white spaces and newline character that were added by cat.


				3
			OpenSSL hashes the file using SHA-1 and signs it using RSA and the private key file private_key.pem.


					4
				OpenSSL base64-encodes the hashed and signed policy statement.


					5
				tr replaces characters that are not valid in URL query string parameters with characters that are valid.

For code examples that demonstrate creating a signature in several programming languages see Code examples for creating a signature for a signed URL.