Using Linux commands and OpenSSL for base64 encoding and encryption - Amazon CloudFront
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Using Linux commands and OpenSSL for base64 encoding and encryption

You can use the following Linux command-line command and OpenSSL to hash and sign the policy statement, base64-encode the signature, and replace characters that are not valid in URL query string parameters with characters that are valid.

For information about OpenSSL, go to https://www.openssl.org.

1 cat policy | 3 tr -d "\n" | tr -d " \t\n\r" | 3 openssl sha1 -sign private_key.pem | 4 openssl base64 -A | 5 tr -- '+=/' '-_~'

where:

1 cat reads the policy file.

2 tr -d "\n" | tr -d " \t\n\r" removes the white spaces and newline character that were added by cat.

3 OpenSSL hashes the file using SHA-1 and signs it using RSA and the private key file private_key.pem.

4 OpenSSL base64-encodes the hashed and signed policy statement.

5 tr replaces characters that are not valid in URL query string parameters with characters that are valid.

For code examples that demonstrate creating a signature in several programming languages see Code examples for creating a signature for a signed URL.