I got this error after $client->createCheckoutSession($payload, $headers):
"{"reasonCode":"InvalidRequestSignature","message":"Unable to verify signature, signing String [AMZN-PAY-RSASSA-
My customer gives me the public_key_id and pem file via Amazon Seller Central, the public_key_id is correct.
Could this error be caused by an incorrect PEM file? Should I ask the customer to verify if the PEM file was downloaded from Amazon Seller Central?
I have already run the same code on two different devices and confirmed that the environment meets the SDK requirements.
Thank you.
My code:
<?php
require __DIR__ . '/vendor/autoload.php';
$amazonpay_config = array(
'public_key_id' => 'SANDBOX-XXXXXXX',
'private_key' => './private.pem',
'region' => 'US',
'algorithm' => 'AMZN-PAY-RSASSA-PSS-V2',
);
$payload = array(
'webCheckoutDetails' => array(
'checkoutReviewReturnUrl' => 'https://localhost/store/checkout_review',
'checkoutResultReturnUrl' => 'https://localhost/store/checkout_result'
),
'storeId' => 'amzn1.application-oa2-client.XXXXXXXXXXX'
);
$headers = array('x-amz-pay-Idempotency-Key' => uniqid());
$client = new AmazonPayAPIClient($amazonpay_config);
$resultCheckOut = $client->createCheckoutSession($payload, $headers);
var_dump($resultCheckOut);exit;