We're using Claudia.js to deploy a lambda function for an Alexa skill. Everything works on their platform after running claudia update locally, but when we submit the skill for certification, it fails and says:
The skill end-point is not validating the signatures for incoming requests and is accepting requests with an empty signature URL. Please check if your signature validation is correct. To reject an invalid request (with an invalid signature or certificate), the skill should respond with an HTTP status code 400 (Bad Request). Please refer to our documentation on how to build your Alexa Skill as a web service and validate requests and signatures.
-
Link to a minimal, executable project that demonstrates the problem:
Our skill's repo: https://github.com/tylerl0706/alexa-spell
-
More info:
In the Alexa skill SSL cert page, I put in the URL generated by Claudia and also checked the " My development endpoint is a sub-domain of a domain that has a wildcard certificate from a certificate authority" option.