Restricting access to downlad URL's using public/private key / certificates

How do I restrict access to url's on my site and only allow my client applications to access these urls. I am putting in a rest api to request the url and was thinking I could use public/private key sort of like AWS S3 does. My understanding is th开发者_运维百科at I still need need SSL certificate to secure data during transfer.

Does this seem like a right approach? Also I am unsure on how to go about generating the keys on the server side. I am coding in both rails and php.

I am going use Query Request Authentication to secure the download urls.

http://docs.amazonwebservices.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/index.html?Query_QueryAuth.html