I am getting an error code in Browser when I am accessing the S3 bucket object using Cloudfront Signed URL. I think I have followed the same approach for creating a SignedUrl.
Created a simple S3 bucket with settings for the bucket remained the default.
Created a CloudFront Distribution with settings as :
Origin Domain Name: URL to the S3 bucket (ie. “bucket-name.s3.amazonaws.com”) Restrict Bucket Access: “Yes” Origin Access Identity: “Create a New Identity” Grant Read Permissions on Bucket: “Yes, Update Bucket Policy” Restrict Viewer Access: “Yes” Trusted Signers: “Self”Created a JAVA Method using AWS SDK as follows:
public static void getSignerURL() throws InvalidKeySpecException, IOException { Protocol protocol = Protocol.http; String distributionDomain = "dh6mxa3xww1tk.cloudfront.net"; File privateKeyFile = new File("C:\\Users\\ABC\\Downloads\\pk-APKAJCG2GCNVLNLB7BWA.pem"); String s3ObjectKey = "movie.mp4"; String keyPairId = "APKAJCG2GCNVLNLB7BWA"; Date dateLessThan = DateUtils.parseISO8601Date("2020-11-30T22:20:00.000Z"); Date dateGreaterThan = DateUtils.parseISO8601Date("2011-11-14T22:20:00.000Z"); String ipRange = "192.168.0.1/24"; String url1 = CloudFrontUrlSigner.getSignedURLWithCannedPolicy( protocol, distributionDomain, privateKeyFile, s3ObjectKey, keyPairId, dateLessThan); System.out.println("URL IS : "+url1);}
But getting the Error code in Browser Like this:
<Error>
<Code>InvalidKey</Code>
<Message>Unknown Key</Message>
</Error>
The Private key and Keypair Id got from the CloudFront key pairs section of "Your Security Credentials". URL is generating properly but it is showing an error. The problem still persists even if I convert pem file to der format and use it. Please help me to resolve.