Spaces CDN returns SignatureDoesNotMatch

Posted November 27, 2018 3.3k views

Hi! I’m successfully using DO Spaces with an Elixir libarary to build presigned urls:

signed_url =

This works fine, but I want to use the CDN to speed up the requests. I tried to add .cdn to the URL:

signed_url =
    # ...
    # ...

However, this doesn’t work – I always get the following error:


I also tried signing the URL without .cdn and just accessing it with .cdn, but got the same error. What am I doing wrong?

1 comment
  • I have the same question. I am using Laravel which uses the Flysystem library. Pre-signed requests (using Storage::disk('s3')->temporaryUrl('file.jpg', now()->addMinutes(10)) works fine with the origin server, but as soon as I add the .cdn to the URL it behaves exactly the same. I would like to be able to use the CDN, but have turned it off for now :(.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
6 answers

I am interested in the same thing. Is it possible to use the CDN with pre-signed requests?

I’m also having issues with this.

I can setup the S3 client and get a presigned URL like so: (C#)

            var clientConfig = new AmazonS3Config()
                ServiceURL = S3_HOST

            var client = new AmazonS3Client(S3_KEY, S3_SECRET, clientConfig);

            var objects = client.ListObjectsAsync(S3_BUCKET).Result;

            var presigned = client.GetPreSignedURL(new GetPreSignedUrlRequest()
                BucketName = S3_BUCKET,
                Key = objects.S3Objects.First().Key,
                Expires = DateTime.Now.AddHours(1)

However it does not “CDNify” the presigned URL, and adding CDN to it results in it being invalid.

Is there a way to generate CDN Presigned URLs? Without this feature, the Digital Ocean spaces and CDN kind of go out the window for our use case :(

Hi, I’m also having issues with this. I’m using Symfony with Flysystem. I have this configuration:

        class: Aws\S3\S3Client
                endpoint: ''
                version: 'latest'
                region: 'ams'
                    key: "my_key"
                    secret: "my_secret"

But i always get the same SignatureDoesNotMatch error. If i remove cdn from endpoint it works, but without this, i agree with Coreinsanity, Digital Ocean spaces won’t be useful

$space = new SpacesConnect($key,$secret,$space_name,$region,‘’);