1. 首頁
  2. 問答
  3. CloudFront簽名的URL訪問被拒絕

CloudFront簽名的URL訪問被拒絕

2017-08-08 95 views
0

我想在CloudFront上的視頻添加簽名的URL一切都設置正常,但是當我打開我的URL時,它顯示我每次在此處生成URL代碼時出現訪問被拒絕錯誤錯誤CloudFront簽名的URL訪問被拒絕

<Error> 
<Code>AccessDenied</Code> 
<Message>Access Denied</Message> 
<RequestId>081DED49D4E126A6</RequestId> 
<HostId>Lx+3mwxdCGo1vWAGM5RzPHDKrwEkvQwi8XiH2hBgj51XWsxu4gqY3Zr+w1x4ZoZQAYWEHV9u1wA=</HostId> 
</Error>

這裏是我的代碼,我不知道我在做什麼錯在它

<?php 
$urlShow = getSignedURL("http://d22bw8b4o37yyl.cloudfront.net/test/love1.mp4", 500); 
function getSignedURL($resource, $timeout) 
{ 
    //This comes from key pair you generated for cloudfront 
    $keyPairId = "APKAIJP3H7LLN44FL2OQ"; 

    $expires = time() + $timeout; //Time out in seconds 
    $json = '{"Statement":[{"Resource":"'.$resource.'","Condition":{"DateLessThan":{"AWS:EpochTime":'.$expires.'}}}]}';  

    //Read Cloudfront Private Key Pair 
    $fp=fopen("pk-APKAIJP3H7LLN44FL2OQ.pem","r"); 
    $priv_key=fread($fp,8192); 
    fclose($fp); 

    //Create the private key 
    $key = openssl_get_privatekey($priv_key); 
    if(!$key) 
    { 
     echo "<p>Failed to load private key!</p>"; 
     return; 
    } 

    //Sign the policy with the private key 
    if(!openssl_sign($json, $signed_policy, $key, OPENSSL_ALGO_SHA1)) 
    { 
     echo '<p>Failed to sign policy: '.openssl_error_string().'</p>'; 
     return; 
    } 

    //Create url safe signed policy 
    $base64_signed_policy = base64_encode($signed_policy); 
    $signature = str_replace(array('+','=','/'), array('-','_','~'), $base64_signed_policy); 

    //Construct the URL 
    $url = $resource.'?Expires='.$expires.'&Signature='.$signature.'&Key-Pair-Id='.$keyPairId; 

    return $url; 
} 

echo $urlShow; 
?>

來源

2017-08-08 Rtra

回答

0

你得到這個,因爲到期的持續時間在你的代碼ISN」已經使用適當的。要解決這個問題,首先我們需要更新政策和使用適當的密鑰對-ID私人然後重點在代碼中使用合適的Unix時間戳這樣time() + 600兩行,而不是500PHP, time - Manual

以下是完整的代碼,將解決這個問題

<?php 
$urlShow = getSignedURL("http://d22bw8b4o37yyl.cloudfront.net/test/love1.mp4", time() + 600); 
function getSignedURL($resource, $timeout) { 
//This comes from key pair you generated for cloudfront 
$keyPairId = "APKAIJP3H7LLN44FL2OQ"; 

$expires = time() + $timeout; //Time out in seconds 
$json = '{"Statement":[{"Resource":"'.$resource.'","Condition":{"DateLessThan":{"AWS:EpochTime":'.$expires.'}}}]}'; 

//Read Cloudfront Private Key Pair 
$fp=fopen("pk-APKAIJP3H7LLN44FL2OQ.pem","r"); 
$priv_key=fread($fp,8192); 
fclose($fp); 

//Create the private key 
$key = openssl_get_privatekey($priv_key); 
if(!$key) { 
echo "<p>Failed to load private key!</p>"; 
return; 
} 

//Sign the policy with the private key 
if(!openssl_sign($json, $signed_policy, $key, OPENSSL_ALGO_SHA1)) { 
echo '<p>Failed to sign policy: '.openssl_error_string().'</p>'; 
return; 
} 

//Create url safe signed policy 
$base64_signed_policy = base64_encode($signed_policy); 
$signature = str_replace(array('+','=','/'), array('-','_','~'), $base64_signed_policy); 

//Construct the URL 
$url = $resource.'?Expires='.$expires.'&Signature='.$signature.'&Key-Pair-Id='.$keyPairId; 
return $url; 
} 

echo $urlShow; 
?>

來源

2017-08-10 17:53:52 Rtra

相關問題

 相關問題