Can't seem to sign AWS Cloud Front URL properly
Posted
by Joe Corkery
on Stack Overflow
See other posts from Stack Overflow
or by Joe Corkery
Published on 2010-05-18T13:16:08Z
Indexed on
2010/05/18
13:21 UTC
Read the original article
Hit count: 268
php
|amazon-web-services
Hi everybody,
I found a lot of detailed examples online on how to sign an Amazon CloudFront URL for private content. Unfortunately, whenever I implement these examples my URL doesn't seem to work. The resource path is correct because I can download the file when it is set for world read, but the URL doesn't work when set just for authorized users. The PHP code I am using is below. If anybody has any insights as to what I might be doing wrong (I'm guessing it is something obvious that I am just not seeing right now), it would be greatly appreciated.
function urlCloudFront($resource) {
$AWS_CF_KEY = 'APKA...';
$priv_key = file_get_contents(path_to_pem_file);
$pkeyid = openssl_get_privatekey($priv_key);
$expires = strtotime("+ 3 hours");
$policy_str = '{"Statement":[{"Resource":"'.$resource.'","Condition":{"DateLessThan":{"AWS:EpochTime":'.$expires.'}}}]}';
$policy_str = trim( preg_replace( '/\s+/', '', $policy_str ) );
$res = openssl_sign($policy_str, $signature, $pkeyid, OPENSSL_ALGO_SHA1);
$signature_base64 = (base64_encode($signature));
$repl = array('+' => '-','=' => '_','/' => '~');
$signature_base64 = strtr($signature_base64,$repl);
$url = $resource . '?Expires=' .$expires. '&Signature=' . $signature_base64 . '&Key-Pair-Id='. $AWS_CF_KEY;
print '<p><A href="' .$url. '">Download VIDA (CloudFrount)</A>';
}
urlCloudFront("http://mydistcloud.cloudfront.net/mydir/myfile.tar.gz");
Thanks.
© Stack Overflow or respective owner