为什么“缺少键对ID查询参数或Cookie值” [英] Why 'Missing Key-Pair-Id query parameter or cookie value'

查看:603
本文介绍了为什么“缺少键对ID查询参数或Cookie值”的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在尝试使用签名的URL通过AWS cloudfront将S3存储桶作为私有内容提供。

I am trying use signed url to serve S3 bucket as private content via AWS cloudfront.

但是我一直收到此错误'缺少键对ID查询参数或Cookie值

However I keep getting this error 'Missing Key-Pair-Id query parameter or cookie value'

<Error>
<Code>MissingKey</Code>
<Message>
Missing Key-Pair-Id query parameter or cookie value
</Message>
</Error>

以下是示例网址

< A HREF =http://test.example.com/TestContent/test.html?Expires=1431195459&Signature=DSk8HwFScg6EFJla1p8UHB9EM28zXB7k5AwrXZjzByzdlTSMCG-md6MvUFT~pneaahfPbCcvxNWqZNYu5Dc1IE1JrjOhFP52APFsVmJDlPmqoQzOoCECclEsSvMpTPgva8L4TazDLtI6E5EuV632y76ZA8XoT2KHhzcj7ux9XhvQ6wyiiQxK9rb13sZJ~Cm~4qI-028dd6UkEIu1tUIM~SFh72wYjik7v8sfz2z5T5bZGZJrrfryO0zA9wpkabFA8JkrmfuBm55XWqcVk5OSOkrNn7iyuXwmrEeBJxufaiWE84UbfS8He12fh6~-seTr7UnOCtC4mBf4qlGsxCzKiw__&Key-Pair-Id=my -test键的rel = noreferrer> http://test.example.com/TestContent/test.html?Expires=1431195459&Signature=DSk8HwFScg6EFJla1p8UHB9EM28zXB7k5AwrXZjzByzdlTSMCG-md6MvUFT~pneaahfPbCcvxNWqZNYu5Dc1IE1JrjOhFP52APFsVmJDlPmqoQzOoCECclEsSvMpTPgva8L4TazDLtI6E5EuV632y76ZA8XoT2KHhzcj7ux9XhvQ6wyiiQxK9rb13sZJ~Cm~4qI-028dd6UkEIu1tUIM~SFh72wYjik7v8sfz2z5T5bZGZJrrfryO0zA9wpkabFA8JkrmfuBm55XWqcVk5OSOkrNn7iyuXwmrEeBJxufaiWE84UbfS8He12fh6~-seTr7UnOCtC4mBf4qlGsxCzKiw__&密钥对ID = my-tes t键

我已验证签名中没有任何无效字符('+','=','/')。

I have verified that I do not have any invalid characters ('+', '=', '/') in the signature.

并且密钥对ID 显然出现在签名的网址中。

And Key-Pair-Id is clearly present in the signed url.

我的问题:

1) my-test-key 是使用我的IAM创建的。

1) my-test-key is created using my IAM. Is it a problem?

2)是否必须在签名的url中提供策略?

2) Is it a must to provide a policy in a signed url?

3)我是否需要将对象 TestContent / test.html 的任何权限授予OAI?

3) Do I need to grant any permission to the object TestContent/test.html to the OAI?

编辑

如果我将Key-Pair-Id值更改为其他值,我会收到一条不同的错误消息

If I change the Key-Pair-Id value to something else, I will get a different error message

<Error>
<Code>InvalidKey</Code>
<Message>Unknown Key</Message>
</Error>

因此,aws cloudfront显然接受了Key-Pair-Id。

So apparently Key-Pair-Id is accepted by aws cloudfront.

推荐答案

您必须使用CloudFront特定的密钥对。有关如何下载或上传自己的公钥的更多信息:

You have to use CloudFront specific key pairs. More information on how to download or upload your own public key:

http://docs.aws.amazon.com/AWSSecurityCredentials/1.0/AboutAWSCredentials.html#KeyPairs

http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-trusted-signers.html#private-content-creating-cloudfront-key-pairs

这篇关于为什么“缺少键对ID查询参数或Cookie值”的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆