I am using using a HTTPS endpoint for a custom skill. The same endpoint serves multiple skills, most of which passed certification without any issues. I receive a response saying "The skill end-point is not validating the signatures for incoming requests and is accepting requests with an invalid signature URL specified."
I am logging all access to my endpoint including the request content and headers, and my endpoint's response and my logs show that my endpoint is indeed returning a HTTP 400 "Bad Request" header as it should. The only "invalid signature URL" that I have seen in my logs that's used as a test is "https://s3.amazonaws.com/blah.api/echo-api-cert-3.pem" and my endpoint does indeed correctly reject the request when it sees this URL.
Again the same endpoint is used for multiple other skills that have passed certification. Please help, thanks.