Java amazonS3.generatePresignedUrl - 如何配置https://s3.amazonaws.com/mycompany而不是https://mycompany.s3.amazonaws.com/com.mycompany

时间:2017-06-23 15:38:10

标签: java ssl amazon-s3 pre-signed-url

我们使用预先签名的s3网址来提供对存储在s3中的图像的Web访问。

我们用来生成预签名网址的java代码类似于下面的

String accessKey = ...;
String secretKey = ...;
String region = ...;
com.amazonaws.HttpMethod awsHttpMethod = ...;
String bucketName = ...;
String objectKey = ...;
Date expirationDate = ...;

BasicAWSCredentials creds = new BasicAWSCredentials(accessKey, secretKey);
AmazonS3 s3Client = AmazonS3ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(creds)).withRegion(region).build();
GeneratePresignedUrlRequest generatePresignedUrlRequest = new GeneratePresignedUrlRequest(bucketName, objectKey);
generatePresignedUrlRequest.setMethod(awsHttpMethod);
generatePresignedUrlRequest.setExpiration(expirationDate);
URL url = s3Client.generatePresignedUrl(generatePresignedUrlRequest);

代码生成的url类似于

https://com.mycompany.personalpictures.s3.amazonaws.com/picture123.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20170623T150540Z&X-Amz-SignedHeaders=host&X-Amz-Expires=59&X-Amz-Credential=AKIAIVLB4ANK6B45G3IA%2F20170623%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=d25d407ee8efa76f339388ec93579a19be8eaead9663d6d378cf2ec6d9d9cac2

但是,由于我们的广告系列命名标准包含点,因此调用上述网址会导致SSL: no alternative certificate subject name matches target host name 'com.mycompany.personalpictures.s3.amazonaws.com'错误

我在this post中读到根本原因是存储桶名称中的点,并且使用https://s3.amazonaws.com/com.mycompany.personalpictures/picture123.png应该绕过问题。

如何使用网址格式https://s3.amazonaws.com/mybucket/myfile生成预先指定的网址?

1 个答案:

答案 0 :(得分:1)

想出来......

创建s3客户端时需要使用.enablePathStyleAccess()。现在,代码行是

AmazonS3 s3Client = AmazonS3ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(creds)).withRegion(region).enablePathStyleAccess().build();